Tuesday, March 31, 2009

Conference on machinima law at Stanford

April 24-25, announced here. Description:
Play Machinima Law is a two-day conference that will explore a series of key issues relating to what is often called "player-generated" or "user-created" content based on digital games or created in game and virtual worlds. Topics will include machinima, game art, game hacking, open source ideas and "modding", technology studies, player/consumer-driven innovation, cultural studies, fan culture, legal and business issues, transgressive play, game preservation, and notions of collaborative co-creation drawn from virtual worlds and online games. Experts from the major players in the digital game arena, lawyers, practitioners, and academics will convene at Stanford to discuss the legal issues associated with gameplay in regards to user-generated content, machinima, and game-related practices.

Monday, March 30, 2009

Integrative Thinking About Life Cycle Analysis: Promises & Limitations

Initiative for Global Environmental Leadership (IGEL), Penn/Wharton, Second Annual Conference-Workshop

Life Cycle Information and Policy Implications –

Moderator: Ellen Goodman (Rutgers Law)

How does the law deal with the goals of market efficiency and, possibly competing, shaping consumer preferences in environmentally friendly ways?

Opening thoughts: LCA is complex and uncertain and there are competing methodologies; it may be inherently inappropriate to make a green/greener claim in marketing; nobody has really done LCA of multiple competitors’ products. At the same time, lots of companies are making these claims. And there’s a market for LCA, people believe. What is to be done?

Mary Ann Curran (Director, Systems Analysis Branch, Life Cycle Analysis, EPA)

Discussed variations on the idea: life cycle assessment v. life cycle analysis v. life cycle management (which includes social needs). “Lust-to-dust” analysis looks holistically at multimedium (air, water, solid waste) and multiattributes. Victim of its own success—people are using the term “life cycle” in different ways.

She sees 3 variants: (1) greenhouse gas life cycle analysis. It has the cradle-to-grave component, but only in terms of warming impact. Very true for biofuels. (2) people say they’re looking at product life cycle, but are really looking at end-of-life management. Recycling v. conservation. Nanotech: once the product is used and ends up in the water, we need to figure out its impact. (3) Application of life cycle thinking, like the EPA’s Environmentally Preferable Purchasing—EPA looks cradle-to-grave at product category, but then apply a theory of what needs to be done. So, with paint, they give good marks to paint with low VOCs or recycled cans—a checklist approach. A modified LCA. The reason: the data are so hard to get at to do a full LCA. We need better data.

Tools she’s seen: carbon management (where are carbon or CO2 equivalents released across the life cycle?); comparative risk assessment (used by people interested in exposures, across the product system: where are chemicals released into the environment?); ecological footprint (material analysis in square miles of resource use); net energy balance (are you getting more energy out of the system than you’re putting in—corn ethanol v. gasoline, process inputs in making fuel); exergy (energy use modeled so that it produces work; anything not being used as work is being absorbed by the environment—quantitative, but leap of faith to say there’s an environmental impact); fuel cycle analysis (variation of air emissions); greenhouse life cycle; LCA; material flow (seems like LCA, but differs in looking at particular material, e.g. aluminum as it’s created and enters into the economy; you’re supposed to look at enviro impacts across the way, v. looking at impacts of the product into which the aluminum is incorporated); sustainable development indicators (not precise tool, but a checklist approach of issues to be addressed).

Greenhouse analysis is a good study, but let’s not forget the water and land issues. Message: LCA is the cornerstone of sustainability, though other tools play a part. LCA allows manufacturers to look inward and make improvements, and helps government make policy, but better data is the key.

Rebecca Tushnet (Georgetown Law)

Background: How do LCA issues become questions of advertising law?

When you make a representation in your ads it’s always necessary to ask: What will a reasonable consumer think? A reasonable consumer is moderately skeptical, but believes in specific factual representations, and often believes that there is evidence behind them, so you have to be able to back up your claims. Consumers don’t and won’t know the details—something like assessment v. analysis will be meaningless to them.

In America (and be aware, EU regulates comparative claims much more heavily, so watch out for that), there are three sets of potential challengers:

(1) Government--FTC: Green Guides, guidelines for marketers with examples of what is and isn’t acceptable, currently under review—comments are invited. Carbon neutrality and offsets, for example, are a big issue; LCA fits in too as a new development since the Green Guides were first promulgated.

(2) NAD-arm of Better Business Bureau and Lanham Act; (3) consumer lawsuits.

Some examples of problematic greenish claims: “Animal Care Certified,” “raised without antibiotics,” “degradable,” “environmentally friendly—without mercury.” Those are all misleading, for various reasons.

LCA if done right is a step up: under the caselaw, if your methodology is reasonable, then even if you come out differently under a different methodology and which is better is debatable, you aren’t engaged in false advertising. Do it fairly and in good faith, without cherrypicking or shading the facts, and you can advertise it, even if there’s disagreement. This is why twenty years of litigation between headache remedy makers left competing superiority claims in ads—each advertiser has evidence on its side, and though they can’t all be right none of them are definitively wrong. Caveat: if the FTC or the EPA decides on a method or metric you need to use, you need to use it.

Key concepts to take away: Falsity is not the same as misleadingness. Beware of both. When dealing with FTC or NAD, you need substantiation. And in competitor lawsuits you need substantiation for establishment claims—claims that state or imply scientific backing, which most environmental claims will. Finally, beware “environmentally friendly”—that’s a term that raises regulatory hackles. It may be that good LCA is the only way to be able to make a general “environmentally friendly” claim.

Mario Teisl (University of Maine, Economics)

Labeling can come from different players: NGOs, government agencies; some are based on absolute product differences, others are industry-specific (e.g., fisheries). Information is not a single thing; neither is “the consumer.” There are multiple types, and your information will be targeted for different consumers/values.

Assumption: consumers are confused about LCA because they don’t care or they’re stupid. But that’s not right. 15% of the population is unreachable and will misunderstand regardless of what you do.

What is the purpose of eco-awareness strategy for labels? Labels allow consumers to make comparison across products; not educative in the short run, though there are educational approaches. Labels and ads do give consumers something they didn’t have before: shows what the choices are. Consumers didn’t know and had no incentive to learn before the label. Why tell someone to consume green if there’s no way to implement that when they go to the grocery store?

Are these strategies effective? Depends on your metric. They can (but will not always) change knowledge, attitudes, and behaviors. Evidence on dolphin-safe labeling of tuna, and the Nordic Swan and how it affected paper product sales, shows significant shifts. Companies’ use of the strategies also suggests that they’re effective at least sometimes. But do they translate into environmental change? That’s harder to tell. (Someone might consume more paper if she knows it’s recycled.)

Assume that people do care, but are confused/ignorant. Women are more affected by environmental information; age, income, education effects; social psychology effects—can affect the way people view others and the way they think others view them (status). Choice characteristics: how consumers process info depends on preexisting perceptions of the product or company, which sometimes may not be in a direction the marketer wants.

Stages of choice: buying eggs v. buying cars. People make 2 decisions with cars: what class of vehicle to get—SUV, truck, minivan—99% based on usefulness of vehicle for them, not environmental considerations. Once the class decision has been made, though, decisions among types are affected by environmental information. Quite often environmental benefits don’t cost more there. Info environment makes a difference—won’t research the background of a can of tuna, but when you buy a car you get loads of information—manufacturer, Car & Driver magazine, other sources.

Issue awareness: is the issue close in space, in time, in biological characteristics (we like fuzzy things more than slimy things/biodiversity).

Consumers’ reactions to LCA will not necessarily be what you expect.

Details, source (credibility), and presentation (table, numbers, summary score, whether it’s absolute or relative, graphics) all matter. Whether the information is standardized within or across product classifications is a big deal. Is it mandatory or voluntary? These individual components interact—the negative effect of non having standardized info can be mitigated by the level of detail. Ancillary info: not on the product—(1) info you control and (2) info you don’t control. Government may check your claims, but NGOs/competitors can also take your info and change it. Since most Americans are ignorant of environmental labeling (better history in the EU), when most people don’t have firm beliefs about your product, it’s easy to attack your strategy.

Communicating these characteristics effectively isn’t easy. You can even get a negative reaction—consumers already have preexisting expectations about your product; some consumers will respond negatively to a new environmental message that goes against what they already think about the product. Teisl found this with health and environmental claims—some segment of the population always pushes back against positive product claims. People are inherently skeptical, and the hard sell gets a harder pushback.

Info disclosure is hard. But LCA is hard too, and you’re doing that. It’s worth doing right.

Nutrition labeling clearly affected consumption. Note that we had nutrition labeling before the FDA intervened—it was just nonstandardized and patchy, so consumers couldn’t use it. You can’t just start throwing info out; you need to figure out what people want to know and what they understand. So: keep nutrition panel short. Over time, the FDA added lines because people asked for more. It’s not everything-or-nothing.

Laura Forlano (Yale Law Information Society Project)

New technologies, especially pervasive computing/social media, and their role in environmental sustainability. Human-centered design: find out what people are doing and why, which can explain why corporate policy isn’t getting implemented (why hotels say they don’t replace your towels as a default, but individual room cleaners often do replace your towels even when you hang them up—perhaps they get more tips that way). Can be applied to consumers as well. You can use lead/early adopters to figure out what to do for majority consumers. In LCA, tell the stories of the workers at the plant and the relationship of the plant to the community.

Prototype: A pollution e-sign project, communicating local air quality through wireless devices as they pass by. Another project by Natalie Jerimijenko: a printer queue virus, printing out a tree ring every time one tree’s worth of paper has been used. Same artist: OneTrees, planted a bunch of cloned trees in a bunch of places and looked at environmental impacts on them. Another idea: add barcodes to products linking to information online—can find out whether a company is polluting or using coerced labor.

Q: Secretly environmentally friendly products, blocked by legal/environmental concerns from announcing redesign. Is the balance proper?

My answer: false positives trade off with false negatives most of the time, though there are design improvements like Teisl talked about. I think the standard is right, even though there will always be mistakes.

Q: How to affect decisions on what type of vehicle to buy?

Teisl: Car & Driver doesn’t care; if you get Car & Driver/other information sources like Consumer Reports to pay attention, that may help. Still, a lot of times people have commuting characteristics—carpenters need trucks. You may want to get people out of SUVs into station wagons; even within each class, there’s a relatively wide range of environmental characteristics, though that wasn’t true in the past. Do you have producers change the product, or try to educate consumers? They both work.

Locked out: standing ends false designation of origin case

Kwikset Corp. v. Superior Court, 90 Cal. Rptr. 3d 123 (Ct. App. 2009)

This case (earlier trip to the court of appeals discussed here) is founded on claims that Kwikset falsely labelled its products as made in the USA when they didn’t meet the statutory definitions of same. The litigation was begun before California amended its unfair competition statutes to tighten standing requirements by requiring economic injury—lost money or property. Here, the court of appeals determined that the real parties in interest (plaintiffs) couldn’t allege standing under the new requirements.

Basically, all that plaintiffs could show was that they purchased Kwikset locksets based on the “Made in the U.S.A.” claims. But that’s not sufficient to allege loss of money or property, because the locksets had intrinsic value even if their geographic origin wasn’t what the plaintiffs wanted. The injury has to be economic, not the injury inherent in deception.

Here, there was no allegation that the locksets were defective/poor-performing, were not worth the purchase price, or cost more than similar products without false country of origin labels. The purchasers intended to buy locksets. As long as a person receives a product or service of equivalent value in exchange for the payment, she hasn’t lost money for purposes of the California statutes.

This ought to depend on the idea that the plaintiffs intended to buy locksets; if you induce me to buy storm windows with the false representation that I need them, and I don’t need them, then even if they’re perfectly good storm windows I’ve suffered a monetary loss. But some of the cases go further and suggest that as long as I paid market price I’m just out of luck, which seems to open up fertile ground for deception. The court responded to this concern by noting that public prosecutors don’t need to meet the standing requirements; in fact, after plaintiffs here sued, the defendants entered into a consent order with the FTC “limit[ing]” their use of inaccurate country of origin labels.

Plaintiffs argued that they could amend the complaint to allege that alternative, cheaper locksets were available, or that the locksets weren’t worth the price paid, but there was no record evidence or other proof of this, and the case has already been through trial. There was no reasonable possibility they could truthfully amend the complaint.

False patent marking may not be false advertising

Rainworks Ltd. v. Mill-Rose Co., 2009 WL 773531 (N.D. Ohio)

Rainworks makes gutter protection systems, including the Hedgehog. Rainworks has a US patent for an ornamental design for a gutter filter.

In 1997, Rainworks approached Mill-Rose about selling the Hedgehog in the US, supplying it with confidential information and samples pursuant to a confidentiality agreement. Rainworks ultimately gave an exclusive license to another defendant, AmeriSales, to sell gutter filters and other products to be sold under the GutterPiller name, provided that AmeriSales could not market using the internet. Rainworks was to own all brand names. Eventually, Rainworks terminated the agreement for failure to pay minimum royalties.

Rainworks sued a bunch of defendants for patent infringement, trademark infringement, false advertising, and related claims, including false patent marking.

Defendants sold GutterPiller protectors as patented, allegedly knowing that they weren’t covered by any patent, in violation of 35 USC § 292. This requires a showing that the false marking was for the purpose of deceiving the public. As a defendant testified at deposition, the false marking here was done in error. It was supposed to be “our registration number for the registration of our name.” (What? What would that even be? If that was the intent, how did the packages end up with the number of Rainworks’ patent?) The false markings were on the packaging, not on the product, even though it would have been feasible to mark the product itself—and marking the product itself, where feasible, is a requirement for giving notice of a real patent under 35 USC § 287. Because marking the packaging would be insufficient to give notice of a real patent, marking the packaging is equally insufficient for false marking liability under § 292, a penal statute. (Again, what? Seems to me the marking and false marking provisions are directed at very different problems.) Anyway, in light of the deposition testimony, there was a genuine issue of material fact on intent to deceive.

Rainworks then argued for patent infringement under the doctrine of patent marking estoppel—given that defendants marked some or all of their products/packages with Rainworks’ patent number, they can’t deny infringement of that patent. But some courts have been skeptical of the doctrine—it should only apply when it’s inequitable for a defendant to reverse positions. The court declined to apply estoppel here, because the patent number was only marked on packaging (oh, and the products were described as patented in defendants’ ads; that must have been an interesting deposition).

Rainworks argued that falsely advertising a product as “patented” or protected by a particular patent was false advertising under the Lanham Act and state law. The court found genuine issues of material fact on materiality—whether the claim was likely to influence a consumer purchasing decision—and harm—whether the misrepresentation was causally linked to damage to Rainworks. Among other things, the packages with the false patent number weren’t shipped to consumers until they’d ordered the product, so they may not have influenced purchasing decisions. (And the ads?) There was also evidence that Rainworks isn’t a true competitor, because it wasn’t selling in the US; no one in the US would buy from Rainworks’ website because of the prohibitive costs involved.

Sunday, March 29, 2009

Vanishing premium case reappears

Broberg v. Guardian Life Ins. Co., 90 Cal. Rptr. 3d 225 (Ct. App. 2009)

Guardian allegedly sold Dr. David Powell a $500,000 whole life insurance policy in 1993 by falsely promising that policy dividend and interest earnings would pay premium costs after the 11th year, so that out-of-pocket premium costs would disappear—a “vanishing premium” policy. Plaintiffs (trustees of the Powell Irrevocable Trust) allegedly didn’t discover the deception until they were billed for additional out-of-pocket premiums in September 2004.

Guardian’s agent provided Powell a three-page illustration showing the elimination of out-of-pocket premiums in the 12th year. The illustration indicated that it was prepared for Powell, not a preprinted form, and contained a handwritten notation “11 year” as well as a printed term “vanishing premium,” with a 30-year schedule that showed no “annual outlay” after the first 11 years. Powell alleged that Guardian knew at the time that its existing dividend scale, on which the illustration depended, was unlikely to continue. The first page had no disclaimers, cautionary language or footnotes. The second page did mention “important footnotes,” and the third page had 39 single-spaced, capitalized lines with various qualifications. In the middle of that, there was a disclaimer that the dividents were neither estimated nor guaranteed, but were simply based on the 1993 scale.

Powell sued for fraud, negligent misrepresentation and violation of California consumer protection law.

The trial court ruled that the disclaimers and the policy language itself put Powell on inquiry notice, meaning that the limitations period had run. Also, the disclaimers precluded a finding of justifiable reliance. Though Powell additionally alleged that Guardian failed to disclose actual annual reductions in its dividend scales in 1994-1996, the trial court held that the difference between Powell’s annual statements and the numbers he would have seen if the dividends had held steady should have put him on notice. The illustration showed a value of $23,642, while his 1997 annual benefit statement showed $23,362—a $280 difference. And the statutory CLRA claim wasn’t viable because life insurance isn’t “goods or services.”

The court of appeals reversed, except for the “goods or services” holding. (Kicking out the CLRA claim was important because that was the claim that provided for a recovery of attorneys’ fees.) As for the other claims, the limitations period begins to run when a reasonable person would have discovered the factual basis for a claim. The disclaimers were not so clear and obvious as to trigger notice.

For the same reasons, they were not sufficient to preclude reliance on other marketing representations as a matter of law. Only if reliance on a misrepresentation was manifestly unreasonable in light of the plaintiff’s own intelligence and information will she be denied recovery. She must not put faith in preposterous representations, nor may facts within her observation show the representations to be so obviously false that to rely on them requires closing her eyes to the truth. Her conduct must not be preposterous and irrational. Here, there was a factual dispute over whether Powell’s reliance was manifestly unreasonable. If he read and understood the disclaimers, that might bar his claims. But the disclaimers were buried in a sea of same-sized, capitalized print, and there was no cautionary language on the first page of the policy illustration containing the deceptive language and figures indicating that Powell’s out-of-pocket payments would “vanish,” so the disclaimers could not be found to be adequate as a matter of law. Any provision that limits coverage reasonably expected by an insured must be conspicuous, plain and clear. The same principle applied here.

Likewise, the policy term stating premiums would be payable “for life” didn’t trigger notice or preclude reasonable reliance as a matter of law. Powell’s argument wasn’t that he was told premiums would stop; he argued that he was told that policy earnings would pay the premiums after the 11th year.

A dissent would have found that the statute of limitations had run because the disclaimers and the policy language were sufficient as a matter of law to give Powell notice that the cash values weren’t “guaranteed,” and thus also there could be no justifiable reliance on the other representations. The policy instructed, in bold type, “Read this policy carefully.” And it warned that the footnotes were “important.” The whole thing was only three pages, and the twelfth line on the third page began, “Figures depending on dividends are neither estimated nor guaranteed, but are based on the 1993 dividend scale. Actual future dividends may be higher or lower than those illustrated depending on the company’s actual future experience….” The dissent concluded that “[a] reasonable person would have followed these instructions, and having done so would have seen these disclaimers.” They were written in plain English, and would have given a reasonable person cause to suspect that the alleged representations about vanishing premiums might be wrong.

Fordham, last panel

In the Trenches

Moderator: Thomas D. Halket, Attorney and Chartered Arbitrator, Halket & Weitz LLP

Practitioners provide guidance about things to be aware of when advising intermediaries.

Ian C. Ballon, Shareholder, Greenberg Traurig

Different liability frameworks for counseling clients:

Copyright: notice and takedown

UGC has generated a lot of cases about website liability. Congress wanted sites to have flexibility in their policies, but a service provider must have a policy, even if it doesn’t publicize that policy (it must inform users that it has such a policy), including provisions for terminating repeat infringers—he says that’s someone who’s gotten a second notice. (Really? Notice? Not a determination of infringement?) One court accepted a three-strikes rule, which tends to seem fair to Americans.

Red flag notice also suffices to require the service provider to take material down. In the 9th Circuit, even red flags aren’t red. Stolencelebritypics.com wasn’t a red flag by name alone. When dealing with adult material, a false claim of “stolen” adds to the marketability. The burden is on the copyright owner, not the content provider. Not everyone would go with the 9th Circuit, which also found that “free passwords” wasn’t a red flag, because the passwords could have been fake or promotional; the only party with a burden to investigate is the copyright owner. (The passwords weren’t infringing, were they? At best the ISP would have been subject to tertiary liability, no?)

What kind of acts are covered? Veoh case: If material is stored at the direction of the user, anything else that happens to it—public performance, translation to Flash, etc.—doesn’t change the character of the material to kick the ISP out of the safe harbor.

Does the DMCA preserve vicarious liability? What counts as a disqualifying direct financial interest plus right and ability to control? Courts have defined this narrowly, but it’s something to focus on with a client.

Filtering: Grokster made clear that filtering isn’t required, but an unwillingness to filter in combination with other factors may support an inducement finding. Filtering is thus good practice. (Eek.)

Other issues:

Trade secret: reason to know material is a trade secret. What is reason to know? That’s a tough one; maybe the standard should be closer to TM standard in eBay.

Trademark: very narrow grounds for third party liability. If you’re compliance oriented like eBay, then having notice and takedown is a good practice even without a statutory framework even without the DMCA. (I’d note that this depends on what you do: if you help people sell stuff, then yes, notice and takedown makes sense; if you host reviews or other content where people talk about, denigrate, applaud, or show pictures of trademarked products/services, then notice and takedown is a terrible idea. I’m guessing he’d actually agree and was just thinking about auction-type sites.)

Child porn: reporting requirement—reporting it absolves you of liability.

Obscenity—scienter requirements in almost all statutes; no prosecutions of intermediaries for user-generated obscene material. Best practice: take down obscene material, except it can be hard to figure out what is obscene.

“Harmful to minors”/child safety—Congress persistently sought to legislate; ACLU persistently got the laws knocked out. MySpace and Facebook have accords with state AGs that only bind them but are good indicators of best practices.

Defamation and state law civil claims other than IP: CDA 230! (In the 9th Circuit, even state law IP claims go.)

Jay Westermeier, Of Counsel, Finnegan, Henderson, Farabow, Garrett & Dunner LLP

Contracts are a neat way to deal with risk. Browsewrap is more prevalent than clickwrap these days. (Westermeier made a bunch of suggestions about the contracts for practitioners.) Is a provision in a browsewrap contract saying that data is only for personal use enforceable against someone who’s making money by using the website? Yes, that’s commercial. Enforced against a woman who was using data from the Southwest Airlines website for her own business.

Google as misleading advertiser?

Alex W. Cannon, Regulating Adwords: Consumer Protection in a Market Where the Commodity Is Speech, 39 Seton Hall Law Review 291 (2009). Excerpt (footnotes omitted):

[T]he judicial treatment of Google as a fully protected First Amendment speaker is dangerous precedent. Google is an advertising machine, and as a publicly traded company its directors are obligated to increase the value of the organization by utilizing every tool at its disposal to get consumers’ eyes on ads. In this respect, Google does not express an opinion in the traditional context of the First Amendment. Rather, by achieving a symbiotic balance between its clients and its users, Google is able to garner massive profits. Google’s corporate interests need to be weighed against societal interests such as informational reliability and informational autonomy. Further, the traditional free-market checks disintegrate in light of Google’s rather un-savvy users. The most visceral danger would be to allow Google, with its ability to tactfully and discretely manipulate consumers, unfettered power to subjectively control access to an important speech market. Finally, this Comment proposes that the Federal Trade Commission (FTC) would be able to regulate Google’s sponsored search results under the commercial speech doctrine.

Saturday, March 28, 2009

Fordham, filtering

Intermediaries as Legal Filters

Moderator: Rob Frieden, Pioneers Chair and Professor of Telecommunications and Law, Penn State University

Notice and takedown is reactive; what about proactive options, like filtering? Relates to the issue of net neutrality. Proactive filtering may serve intermediaries’ commercial interests. Deep packet inspection allows price discrimination, quality of service discrimination. Other examples of filtering: Eudora had a red-pepper scale of the provocativeness of an email. His wife, who also works at Penn State, stopped getting his emails; he had a link to his blog in his sig, and Penn State’s software determined that terms like “blogware” were automatically disallowed. Once filters are available, what does that do to the notice and takedown/safe harbor regime?

Dr. Ian Brown, Senior Research Fellow, Oxford Internet Institute & Honorary Senior Lecturer, University College London

Three examples of floundering towards information law: copyright infringement, gossip, and child abuse.

E-commerce directive: provisions on liability of intermediaries, similar to DMCA. Telecom lawyers in the 90s were very good lobbyists. Art. 12 “mere conduit”; Art. 13 “caching”; Art. 14 hosting; Art. 15 no general obligation to monitor. The only mandatory exception to the reproduction right in temporary copies is for intermediary transmission.

Movement to 3-strikes regime for users to lose internet service after 3 accusations of infringement. Driven by France. Constitutional objections: disproportionate; infringes rights to privacy, expression, association, education, commerce, civic engagement under the European Charter of Fundamental Rights. Also procedural problems: transparency, public examination of evidence, impartiality, etc. Europe has been slower to enforce constitutional norms than the US, though. It might be 20 years before we get a ruling on that—case filed 1991 on UK’s DNA database, just decided that it was an infringement on the rights of people who hadn’t been convicted.

Another problem: Data Protection Directive, driven by Germany which has obvious historical reasons for feeling very strongly about protecting personal information. The Directive applies to companies as well as governments, and even to individuals, except for a carveout for exclusively personal/domestic activities like keeping an address book. And the only real case out of this directive, Lindqvist, involved gossip on a website about a church member who had a broken leg, and that’s sensitive medical information. The Data Protection authority took her to court, and posting on a website was ruled not to be a personal/domestic use. How far can we regulate individuals as well as data controllers? Individuals are within regulators’ sights.

Blocking child abuse images. The British Telecom system blocks access to pages on a secret blacklist. This is imposed by other retail ISPs by the government in various ways. Wikipedia had a problem because one article showed an album cover deemed to show a child sexual image. UK users were blocked from accessing the article. The technical way this was done also resulted in Wikipedia thinking, because of the IP referring addresses, that everyone in England was coming from a couple of IP addresses, and because Wikipedia bans vandals’ IP addresses, English users were unable to edit Wikipedia for several days. Now blacklists are being considered by the EU, including topics like sites promoting terrorism and discussing bomb-making, with little consideration of constitutional issues.

What role can tech play in protecting fundamental human/constitutional rights? Were the recording industry attacks on P2P systems an unexpected boon for free speech, by spurring a boom in research and experimentation with systems that are decentralized and harder to control?

Can we design for privacy? Data minimization: is your data really necessary? Limit personal data collection, storage, access and usage. Anathema in the US, but a key principle in the EU. Encrypt data when it’s in the cloud, decrypt it only under user control; protect it against companies and governments.

Final thoughts: if code embeds values, we need to think about embedding constitutional values in global computation and communication systems. Why are cyberpunks so disgusted with regulation and so committed to designing disruptive tech? Disgust with corruption in the broad sense: lobbies driving legislation.

Wendy Gordon, Visiting Professor of Law, Fordham Law School; Philip S. Beck Professor of Law & Paul J. Liacos School in Law, Boston University School of Law

Her concern is methodology.

Grokster seemed to threaten the possibility of a thriving filterless internet. Tim Wu said: when the Court pinned liability on intent, it was ducking the hard questions of how important substantial noninfringing use is. Does it ever make sense to use an intent test? Her own view is that copyright is 90% about increasing the store of public knowledge, and 10% about just claims of desert. Morality’s role is often overstated, but it has a place. Is there a defense of an intent orientation?

There are certain bad acts that most of us would hesitate to undertake even if they had longterm good consequences: e.g., the trolley problem. Maybe what was being encouraged by Grokster was, really, terrible. Downloading kids may have been engaged in moral wrongs. But the underlying infringement by the kids is judged on a strict liability standard, so Gordon doesn’t think it should be ranked with things that ought to be prohibited at all costs.

Also, highly probable that claims of property in music cause harm. Standard: how would people do in the absence of the property? How would kids have fared but for this music that surrounds them, coupled with a prohibition on copying? Many are worse off than if they’d never heard the music—if someone sends music out into the world and it affects others, people need some liberty to reuse, even sometimes with exact copies. (She gave me a shout-out!) Exact repetition is part of every religion, every doctrine, the Pledge of Allegiance, every ritual. Copyright owners are not merely conferring a benefit that they can withdraw at will; others act in reliance when they integrate music into their psyches. Thus we can’t condemn uploading/downloading as a blanket matter.

Without that moral core, then Grokster’s behavior doesn’t seem so evil that it excuses us from taking longterm consequences into account.

Dawn C. Nunziato, Associate Professor of Law, George Washington University Law School

Her topic: How broadband service providers are and should be regulated in discriminating against legal content and applications. Backdrop: FCC’s August 2008 ruling that Comcast was unlawfully discriminating against P2P filesharing protocols. Communications providers as common carriers: designed to facilitate transportation/communication without discrimination—postal service, telegraph service, etc. are not permitted to engage in acts of discrimination. That’s how narrowband internet was initially regulated in the 1990s. How should cable broadband be regulated, then? If common carrier, then discrimination would not be allowed.

In 2002, the FCC decided that cable broadband was not a common carrier. What regulation, then? Regulated as “information providers,” which means minimal if any regulation. Brand X: Supreme Court upheld this. DSL and other broadband providers said: what about us? FCC said in 2005: you’re all immune from common carriage regulations. At the same time, the FCC made some broadband policy statements, according to which internet users should enjoy freedom to access their choice of legal content and freedom to run the applications of their choice. These policy documents do not establish rules and they’re not enforceable, yet the FCC pledged to act if they were violated. And these freedoms are subject to broadband providers’ discretion to engage in reasonable network management practices.

Nunziato has documented discrimination against legal content—allegations of Comcast censoring political email; AT&T prevented NARAL from sending messages to willing subscribers; Comcast blocked P2P filesharing using deep packet inspection and then allegedly lied about it. FCC characterized this as opening mail to see if Comcast wanted to deliver it, and argued that Comcast was doing this to protect its own interests in, e.g., video on demand.

Comcast complains: but we’ve been deregulated! FCC: you’re not subject to common carriage regulation, but nonetheless we have ancillary jurisdiction to regulate you, as Brand X said. Comcast: Ancillary to what? FCC: To the 1996 Telecom Act that set forth internet policy of an open internet, and to other areas.

Where are we now? A mess, caused by FCC’s decision to exempt broadband providers from common carriage regulation. These are the pipelines for the internet, and they have no business interfering with free speech.

Frieden: points out that FCC regulated cable before it had statutory authority; ancillary because it had jurisdiction over broadcast TV and cable TV had the potential to affect broadcast.

James Grimmelmann, Associate Professor of Law, New York Law School

Search engine amplification often worsens lots of internet problems, but search engines shouldn’t be targets for solutions. People have always been jerks; now they can be jerks on an unprecedented scale by allowing large-scale anonymity. Site operators have the technical power to mask or muzzle the jerks. But website operators aren’t the only intermediaries in the picture. Web pages aren’t megaphones blasted to horrified recipients: mostly people choose to visit, usually by searching. Search amplifies hate.

If we gave search engines more duties, we might hide harassment without unmasking speakers or shutting down webhosts. But: good search engines help people find the info they want, not the info other people want them to find. Ability to find info is essential to our ability to make our own decisions; it’s also economically important. Search is too important to muck up, so we need to be careful in regulating.

Good search favors active users, and so does good information policy. If you make search less useful, users can’t as easily lead self-directed lives. Crippling search gives content creators and third parties unwarranted power over search users—that is, over everyone who uses the internet. Notice and takedown would make some information unfindable, removing it from the commons. It would also be a slippery slope to making search engines responsible for whatever speech is online. We need internet-wide, general purpose search engines—key to the last decade. Fundamentally, search engines don’t want to mislead their users with half-truths and libel. (Unless, I’d say, the users want to find the half-truths and libel—compare to the argument that eBay doesn’t like counterfeiting; sure it doesn’t, at the point at which counterfeiting starts to interfere with eBay’s own credibility and profitability, but users who are thrilled with knockoffs don’t cause any problem for eBay.)

Search engines also don’t have a relationship with site owners that allows counternotification as a ready response. Regulating search would be a pretense of allowing speech—a “free speech zone” where no one finds the information who doesn’t already know about it. But speech is also about the audience—if people want to find the information, they should be able to do so. Tampering with search is second-best: if we don’t like the content, target the site, which will have better information about the quality of the content and its value.

Jerry Lewis, Chief privacy officer at Comcast: agrees with Nunziato that the law is a mess. There are real underlying technical reasons to engage in network management—congestion issues. The old management technique was content-agnostic and focused on applications generating congestion (P2P services). New technique: content- and protocol-agnostic. It looks at heavy users, and manages them directly. You can always claim free speech interests as a basis for regulation; he’s not convinced they’re important.

Comcast didn’t censor political speech; it has a spam feature and a number of customers hit the “this is spam” button on these emails. Once Comcast looked at the emails and saw they were political, they were whitelisted again in relatively short order. Comcast blocks ½ billion spam messages a day, and there’s a process to fix the inevitable errors.

Scafidi: Gordon’s argument sounds like anyone who has created something and declines to release it is acting immorally. Or maybe it’s immoral to create a bad story that horrifies people, or a jingle that sticks in people’s heads. Under this rationale, is there any justification for copyright? You may benefit enough from hearing something that even a withheld copy isn’t immoral. Isn’t it better to have loved and lost than never to have loved at all?

Gordon: What she’s talking about is part of an elaborate mental conception of the moral core of copyright. In none of this is she questioning the instrumentalist/consequentialist structure of copyright—Congress can further progress in science through copyright. But she is interested in what the moral minimum of copyright must be. One branch: is downloading a violation of the moral core of copyright sufficiently serious to avoid consequentialist weighing over whether Grokster should be shut down?

Also, she is not arguing for a slippery slope. If you take Lockean “enough and as good” seriously, that wouldn’t erode all copyright. The typical commercial copier indeed receives a net benefit even after receiving licensing fees. Scafidi overstates the dangers of the “enough and as good” condition—the condition that the property claimant not do harm to others, and that if he does harm then he does not have an absolute claim to the property.

Nissenbaum for Brown: Privacy right internationally needs to be stated at a high enough level of generality that a culturally specific definition isn’t imposed on everyone. For Grimmelmann: search engines are important, yes, but how far are you willing to go? Can we regulate search engines at all?

Grimmelmann: Purely comparative point—we should go after the site that hosts the content first and preferably.

Brown: Then what do you do if the site is outside your jurisdiction but the search engine isn’t?

Grimmelmann: That’s Yang’s point. As the regulator accountable to my own citizens, I go after the search engine. But for the good of the internet overall, we need harmonization and a set of international standards.

Goldman: Example of internet filtering—move to increasing obligations on intermediaries: cutting off online gambling by going after the payment processors. What do we think of that?

Brown: Regulation is nothing if it can’t be effective. If the US is not going to block access to specific sites, as the UK/EU are trying, then you need an alternative. Note that US trade partners are going after the US for US moves!

Grimmelmann: He thinks this is a procedural issue. Are intermediaries subject to potentially inconsistent and unpredictable litigation? But if you do it in the government, you get a secret blacklist and the process may not be sufficiently transparent and accountable. Assuming we want to ban access to X, how do we go about identifying X and blocking it in an effective and procedurally fair way?

Q: Court records—used to be friction-heavy, so openness had limited costs, but also limited benefits. Now that dissemination is frictionless, does that show that openness was always a mistake?

Grimmelmann: The courts have a responsibility to make privacy decisions; practical obscurity can no longer perform a protective function, so courts have to take new balances into account. Most things ought to be immediately publicly available, sensitive information can be request-only, and truly sensitive material can be sealed.

Brown: Grimmelmann’s suggestion is like the end-to-end rule—decisions are made at the very extremes, not by the intermediaries.

Q: Is trade secrecy a barrier to accountability, for example with filtering/search algorithm decisions?

Brown: in the EU, courts would never allow IP to override human rights concerns.

Fordham, continued again

The Social Impact of Intermediaries

Moderator: Joel R. Reidenberg, Associate Chief Academic Officer & Associate Vice President for Academic Affairs, Fordham University; Professor of Law and Director of CLIP, Fordham Law School

Helen Nissenbaum, Professor of Media, Culture & Communication & Senior Fellow of the Information Law Institute, New York University

Terms of Service: A Play in One Act. Cast: Archie, Dan, Eric, Jack, Maureen, Orin, Wendy, Helen, Valentine, a prof. of business ethics.

Archie: Google’s introduced behavioral ad targeting, and that’s creepy. I’m going to use TrackMeNot, a Firefox extension that obfuscates your real searches and makes profiling harder.

Eric: But that’s illegal! It violate’s Google’s ToS. Art. 5.3, you agree not to access the services by any means other than the interface provided by Google, including scripts and webcrawlers.

Archie: I’ve never seen that!

Helen: Are ToS the law?

Valentine: Why shouldn’t Google be able to impose any ToS they please?

Dan: This reminds me of eBay v. Bidder’s Edge or Intel v. Hamidi: would a court uphold these terms? As a matter of justice: Info intermediaries profit from free availability of info online, then they turn around and impose restrictions?

Helen: Consider the affordances of architecture. The limits of real property depend on the features of real property; characteristics of the medium should matter here too. Since generating logs is inherent in web traffic, does that mean that any manipulation of them is ok?

Archie: Why should site owners be in full control of our interactions? Can’t I defend my privacy?

Eric: This is a free market; parties set the terms. Walk away if you like.

Maureen: That imposes a burden on all individuals surfing—it constrains us from doing what comes naturally and makes us afraid of simple clicks.

Orin: We should write these rules into a technical handshake.

Joel: If automated access degrades efficiency of a site, there should be recourse.

Helen: Discernable harm, sure, but not just traffic the site doesn’t like, whether automated or not.

Prof. of business ethics: Moral issue: Information isn’t free. The intermediary takes info at the bottom of the food chain and creates value. If you don’t want to pay for information, you must be prepared to give it for free. Otherwise you’re like people who fast forward through TV using their DVRs.

Archie: Does that make me a free rider?

Wendy: we don’t know what owning a website entitles us to; shrinkwrap contracts may not be socially beneficial. We will not discover morality in architecture. We must determine the relevant public values to assess the reasonableness of terms and thus whether TrackMeNot is morally defensible.

Jack M. Balkin, Knight Professor of Constitutional Law and the First Amendment & Director of The Information Society Project, Yale Law School

Too many intermediaries; can’t really generalize. Flickr =/ Google Docs =/ Facebook. But he’ll do so anyway. In ancient days, people were very worried about the difficulty of accessing mass media and reaching other people. Old intermediaries, those threats of yore, are now circling the drain. Access is no longer the problem—new intermediaries encourage people to talk as much as they want, especially if they’re posting naked pictures of themselves.

Basic problem with respect to new intermediaries: they want people to post more stuff in order to feed the business model, but most of it, as Clay Shirky says, “isn’t for you.” So, there’s a lot of crap out there. How do you find the stuff that’s valuable, relevant, and credible? We’re in a deeply experimental period.

Mike Yang, Managing Product Counsel, Google, Inc.

There’s some regulator in Turkey who’s furious that something appeared on YouTube; someone else in Korea. You can’t compartmentalize these issues nationally—the panels have had an American view of what intermediaries are doing online. But every day he sees what users are doing internationally, dramatically changing their lives and societies. We take a bunch of stuff for granted in the US that can’t be taken for granted elsewhere, and intermediaries deliver a lot of that worldwide.

Yang doesn’t see the crap; he sees when the content challenges an existing regime: a government, a corporation, a social norm. 1% sounds like a pretty bad balance, but think of Google’s scale—if 1% of billions of users are empowered in a new way, that’s great. The legal department doesn’t get complaints about “my boyfriend posted a nasty picture.” They get the company, the government. They have a slanted view, but those things prove the power for good created by intermediaries. Google’s services create problems for a lot of people, and he tends to see that as good things: free speech causes problems; transformation of existing content makes people upset as it adds new creativity to the world.

Frustrating: the arbitrariness with which the law is being applied at this point. Often the upset person can’t reach the person who they think hurt them, so they lash out at the only party they can reach: Google. Often they can’t find a user even in their own countries. Google’s risk analysis: do I have servers in the country that can be seized? Do we have employees who can be thrown in jail? Google has to act differently when the litigant has a hold on it, whether that way or by the prospect of large damages. Result: arbitrary and chaotic application of international law, not good for users overall (though Yang was careful to say that chaos has its benefits for users as well).

Running joke: by the time the lawyers start thinking about it, it’s probably obsolete. This conference reflects the fact that the law is now focused on intermediaries. We’re at the height of intermediary power. Engineers say: the web is going to open source, openID, FacebookConnect—the concept of the unitary intermediary is not going to reflect the reality. The user will store login info with one provider. Gadgets and applications will be from other companies, and information will flow between all those different points. Some of the parties will be easily reachable by third parties, others not; the law is ill prepared.

Reidenberg: Hearing that social expectations are changing in a way that gets further from the scope of the law and governance and more towards private decisions. TrackMeNot is a private self-help response that fits into this. Yang suggests that international issues make the matter worse. Is law breaking down?

Balkin: Law? No. Yang will still have a job forever.

Yang says yes, he will, it’s just that it won’t be principled. Obeying the law is not the same as giving moral authority to the law while you help your client interpret it. His decisionmaking comes down to a practical assessment, which is scary—other companies may not make ethical decisions. Sometimes he does take ethical stands, but mostly we don’t and shouldn’t leave it up to companies to decide what is the right thing to do for society.

Balkin: Why isn’t it up to companies, which are part of civil society, to decide what the right thing to do is? JP Morgan in 1906 decided that governments couldn’t deal with a fiscal crisis, so he did—and made a bundle, exercising his financial power to stem a liquidity problem. He thinks Yang is basically right descriptively: the locus of power has to be decisions made by companies, many of them intermediaries, about how to structure free speech and control of information. Law is not where the action is.

Yang: Sure, companies have moral/ethical responsibility. But if you have a disagreement in society (comment: I’d say, if you have a law purporting to resolve that disagreement), government is where we’ve looked to resolve those differences, and the law as a tool is diminishing.

Nissenbaum: She’s ambivalent about use of personal info. The law should support the right of individuals to have a say—a company should not be able to enforce ToS that preclude individuals from taking steps to protect the privacy of their information. The law isn’t direct enforcement, but structuring.

Q: Does there have to be a tradeoff between new and old intermediaries? How would we think about quality control of speech?

Balkin: The printing press disrupted the authority of the Catholic Church, but we still have a Catholic Church. He thinks a third way—aggregation, mass participation—is going to develop particular techniques for assessing quality and value, which will be different from current ones, just like a secular world developing out of the printing press assessed quality and value differently from the pre-print world. There will be a tradeoff, but that’s not a reason to be pessimistic.

Eric Goldman: For Balkin: are you suggesting that the “third way” is not hierarchical? Google linking power; Amazon’s sorting of most popular products; eBay’s seller ranking—seems to be a lot of hierarchy.

Balkin: Quality, salience and accreditation are always problems. Government has one way—gov’t produces public goods. Hierarchical system outside gov’t: university, newspaper, publisher: structured as professions, to which people devoted their lives. New way: mass participation, linking, aggregation. Primarily a change in civil society. A different kind of hierarchy—instead of going to journalism school or getting a PhD, and being trusted because of credentials, people will produce knowledge in different ways, only some of which rely on education.

Yang: Net impact of Google is disaggregating. Google Books aggregated a problem that used to be diffuse, but the net effect is to disaggregate power. To the extent we aggregate power or influence, we are pretty subject to competition and the whims of our users. Critics say we’re omnipresent, but it’s because we’re giving users the services they want. (Isn’t that what NBC said?)

Nissenbaum: In relation to privacy in particular, we may want to strive for fairly abstract laws. The norms of info flow are very culturally specific, and we don’t want one nation to impose its culture on others—this is privacy-specific and not about other things we might think of as fundamental liberties.

Q: Civic groups as intermediaries between individual and government—interest groups, social groups, brotherhoods, etc. Social theory used to think those were key to avoiding tyranny. What happens today?

Balkin: Good point—his points were about knowledge, the question is about politics. Where do ideas of the good and the just come from? Various forces in civil society change common sense about rights and justice, and in a democracy that’s supposed to change the law. If democracy is premised on this circulation of ideas, what happens to that in our new world?

Blogosphere: a way of circulating ideas about politics, and it seems to be doing a pretty good job of supporting existing civil society, even amplifying them. There are technologies that actually make it easier for groups to form in real space. Susan B. Anthony had to get on a train and travel around the country, where she had to give the same speech, and they needed committees of correspondents writing to each other all the time. Imagine what Stanton and Anthony could do today—how much quicker to organize, raise money, stay in touch. Final point: if you’d asked a First Amendment scholar ten years ago what’s the biggest problem in democracy, the answer would have been: the flow of money in politics. In the last election cycle, there was much more participation in producing money for governance. It wasn’t perfect and was mostly about the presidential election, but disaggregation/new tech made it possible for more people to influence who gets political office, which improves the problem of corruption/the rich drowning other voices out.

Q: How much resistance to tech is about resistance to change in hierarchy?

Nissenbaum: A big part! Access to information is like any other resource. Shifts don’t always go from powerful to weak; some information may make the powerful more powerful.

Yang: Theme for him: the futility of resistance. Litigating Napster didn’t save the music companies. Litigating Grokster didn’t save the music companies. It’s not changing the technological fundamentals. Google encounters angry governments all the time, and sometimes they succeed in forcing alterations, but the trend line is not good for them. The only country that has successfully gotten its hands around the internet is China, and that’s because it built a firewall and has tens of thousands of people sitting in rooms looking for key words; it made the investment in regulating. The law is not the place where industries/governments should seek solace.

Reidenberg: Five years from now, what will be the most interesting intermediary, socially speaking?

Yang: Five years is a long time! But the trend is the absence of a big, central intermediary. Now that the accumulation of capital necessary to have big companies has occurred, we’ll see more control in the hands of the user.

Balkin: Key tech—forms of social interaction, of which Facebook is the most obvious example. There will be a titanic struggle between Facebook and other intermediaries about interoperability and sharing content—Yang (for obvious reasons) tells a story of a smooth move to interoperability; Balkin thinks there will be a fight.

Nissenbaum: Normatively, she hopes the tech continues to allow small groups/individuals to subvert existing systems. Given the structure of the web, individuals can have a big effect by writing code.

Friday, March 27, 2009

Fordham, continued

Why is Tiffany Blue? 3rd-Party Liability and the eBay Cases

Moderator: Susan Scafidi, Visiting Professor of Law, Fordham School of Law

eBay has been sued here and elsewhere. Rolex won against eBay in Germany, requiring eBay to monitor; subsequently, eBay was found to be sufficiently monitoring. eBay lost cases in France against Hermes and LMVH. Then in Belgium, Loreal lost to eBay. Around the same time, Tiffany sued and lost in the US.

Joseph C. Gioconda, Partner, DLA Piper USA LLP (head of anticounterfeiting): Has represented eBay in some matters and Tiffany in others, but here is speaking as Tiffany’s lawyer. When he started, the contributory liability standards evolved out of brick-and-mortar operations. Judgment-proof defendants, often part of a large criminal enterprise; the people actually selling the goods were often victims of human trafficking. Designers really needed effective weapons—go after the landlords, who have deeper pockets. C&D: we have used private investigators and discovered 1000s of counterfeit sales; you are on actual and constructive notice, and you must put a stop to it or we’ll take your building.

Now this has evolved dramatically—online counterfeit drugs, so he works with pharmacos every day, not just handbag makers for whom there is less public sympathy. The eBay case was closely watched by everyone—designers, pharmacos, ISPs. Assuming that this case becomes Second Circuit law, what do we do? Did eBay do so much that other people can’t afford to do? The court tied its ruling to the facts, and eBay capably showed it was a responsible corporate citizen, so the court found that the general notice—which would have been fine if given to a landlord—wasn’t sufficient. If I don’t have eBay’s resources, an ISP asks, what should I be doing? If the ruling is upheld, should TM owners go to Congress? Should ISPs adopt eBay’s model?

Randi W. Singer, Partner, Weil, Gotshal & Manges LLP: eBay’s counsel in the case. Lots of people think eBay has a big warehouse with all the goods, but it doesn’t. Tiffany demanded that counterfeit goods be removed, and said we’ll make it easy: lots of 5 or more are counterfeit. There were other issues with keywords and sponsored links. eBay is a TM owner itself and respects TM owners’ rights, and has the VeRO system—a notice and takedown system, which works very well (comment: ha!) in the copyright context. eBay refunds users who complain they’ve purchased counterfeit goods. eBay doesn’t like counterfeiting!

Problem: you often need physical possession to discern counterfeiting: assays, measure depth of mark, etc. eBay responds to Tiffany: If we did what you asked for you, we’d have to do it for 15,000 TM owners. eBay filters out listings that red-flag their counterfeit status. It’s easy to filter out guns or lawn darts, which are flat-out banned. It’s more difficult with jewelry, because a legitimate secondary market exists. (This is why I only use eBay to buy Kate Hines jewelry, not better-known names—she’s not counterfeited.) Tiffany was never able to articulate a bright-line rule that could be technologically implemented. eBay had already taken out the low-hanging fruit, and the remainder required some expertise, which Tiffany had more of than eBay. Tiffany conceded that eBay always responded to Tiffany takedowns.

Basic TM law: the TM owner has the duty to police its mark. Tiffany wanted to push that burden onto eBay. Tiffany’s position: generalized knowledge should suffice. eBay’s business model depends on good faith cooperation between eBay and rights owners.

Giaconda: A couple of facts: 15,000 brand owners on eBay, but they’re not all multimillion-dollar businesses that can employ paralegals fulltime to send takedown notices to eBay (are they then heavily counterfeited on eBay?). So to say brand owners have to bear, not share, the cost may allow Tiffany to fight counterfeiting, others will have to trade off brand protection against other objectives, and is that fair? eBay gets a direct pecuniary benefit from the price of each item sold, which in many cases are admittedly counterfeit.

William R. Engles, Jr., Chief Financial Officer, Portero, Inc.

Online secondary market for luxury items: watches, jewelry, high-end handbags, housewares, art. Began as eBay drop-off model, focused on luxury—Greenwich, CT. Differentiated from eBay: guaranteed authenticity. In 2006, changed sourcing model—no physical stores, added dealer and brand relationships, but stayed on eBay until 2007. Then launched own site in early 2007.

Certify every item as authentic before it’s listed. Not a neutral platform—the buyer doeals with Portero, not a third party seller. Has partnerships with certain luxury industry players who certify authenticity.

Good for brands: divert consumers away from uncertified sites.

His experience on eBay: eBay bends over backwards in favor of the rights owner. Seller’s only recourse is to go to rights owner and ask them to rescind. Most luxury brands don’t want a secondary market, and thus they won’t rescind the notice no matter what, though sometimes Portero was successful—once, the legal department shut down auctions that had actually been sourced directly from the rights owner; Portero had to ask the marketers to go down the hall and talk to legal.

VeRO was ineffective and too broad in favor of the rights owner. Doesn’t work for luxury items. It’s not the right buyer group. Only 10% of their present clientele bought from them on eBay—people looking for bargains go to eBay. The third party ought to stand behind its items.

Frederick Felman, Chief Marketing Officer, MarkMonitor

Counterfeiting is not a victimless crime. Counterfeit character mask made with harmful chemicals scarred a kid for life. Counterfeit drugs; lead poisoning from counterfeit jewelry. Tiffany sent 235,000 notices to eBay—think about the burden on Tiffany. It’s automated now, but it wasn’t at the beginning. The clients who enforce with great consistency see infringement decline over time, most of them substantially. It takes a lot to establish an eBay identity, so infringers are more likely to go away—you don’t have to be faster than the bear chasing you, you just have to be faster than the other guy he’s chasing; counterfeiters move on to easier targets. That means that smaller guys do suffer, but not at the same scale that Tiffany did.

Practical things for defending a brand: Work with business side and allocate tasks. Make sure you have a benchmark to see whether you’re getting a return on investment. Devote sufficient resources to get it done: the hard part is monitoring. Infringement happens other than on eBay—B2B operators who sell to others, including retailers. Trace it back to the source, the manufacturer. The FBI only prosecutes 280 counterfeiting cases a year; they don’t have the resources to help you, so you have to help yourself. Look who else in your segment is being hit, and see if there are enforcement acts you can take (together? Antitrust concerns?). Don’t do it if you’re a Tiffany or another large brand without automation. You need to crosslist sellers so you can take action against the multiple offenders.

Singer: There’s only so much eBay can do; eBay has crashed its system adding rules to its filters before. There are smaller players out there, and the point isn’t that VeRO isn’t the end-all but that eBay wants to cooperate. It’s more profitable to build a healthy marketplace with a certain level of trust—a clean, well-lighted place as a longterm business model. (What isn’t being said here, of course, is that some consumers are perfectly happy with the knockoffs, so their interests diverge from the TM owner’s; eBay’s interests align more with consumers than with TM owners.)

Engles: His perception of eBay corporate culture was very anti-counterfeiting.

Giaconda: the eBay decision isn’t just about eBay—eBay is a bellwether for online markets. If a brand spends a lot of money and paralegal time, over time you see changes in the marketplace. But eBay is only one market. If you’re Amazon, or a direct retailer, or a new business: what do you do? The economics adapt to the law; this is about cost-shifting. His clients are sophisticated and wealthy, but relatively smaller businesses/start-ups, they have difficulty.

Q: eBay has so many disputes each year; does law have anything to do with it, or is it just a function of technology? What tech is practical/foreseeable to reduce the incidence of counterfeiting?

Singer: Recall that the fact record in this case was frozen 2005/2006. Some of eBay’s newer measures include things like barring very short auctions for certain luxury items, to avoid lightning-strike counterfeiters; you can’t join eBay and then immediately list 100 Tiffany items. The tech to do that didn’t exist when the dispute started.

Felman: Tech can’t assess many TM disputes over rights, but it can boil down some issues, can help you find recidivists, can help you decide where to focus your efforts.

Giaconda: Tech is great, but when you find the source of the counterfeits, then it’s often in China, and then what you have is an international legal proceeding.

Q: Can you use RFID or similar tech?

Giaconda: Sophisticated counterfeiters buy one genuine product, and post pictures of the receipt and the like.

Q: What are the remedies for people on the other side of a VeRO notice?

Singer: eBay does have a counternotification procedure. It depends on the rights owner.

Engles: We were a big seller, and eBay still wanted us to work with the rights owner. For smaller ones, he’s not sure what they do.

Singer: Policy decision, err on side of rights owner.

Q: Risk to competition—if the policing requirements are onerous enough, smaller players will be driven out. Good for eBay, bad for competition. Happened with COPPA: sites for children have mostly been driven out of business, and you end up with Disney/Club Penguin as the dominant players.

Giaconda: Good question. DMCA as an experiment in this context. A statutory solution might be good—giving a list of 5-10 things necessary and sufficient to qualify for a safe harbor. That lets the new players start up with some certainty. He doesn’t think that would be a dramatic shift, because legit marketplaces are probably doing some or all of these things and illegitimate ones may be struggling in this market. The real question: without a bright line rule, will tech work and will the brand owners invest in the tech? Personally: he likes bright lines better than the tort system at common law, which is complicated and slow—haven’t even scheduled the argument in Tiffany v. eBay. By the time the Second Circuit issues a decision, things will have changed again.

Felman: Notice and takedown is now under consideration by ICANN for new top-level domain names, because of the success of the DMCA. (Success is one word for it, in my opinion, but not necessarily the right word.)

Q: How many takedown notices are erroneous?

Singer: it’s hard to say. eBay doesn’t have a good way of knowing whether the notice of claimed infringement is valid any more than it has a good way of knowing whether the listing is counterfeit.

Q: Any cases against rightsowners for abusive notices?

Felman: Some claims reported on, but not much.

Intermediaries in the Information Society

Fordham, Third Law & Information Society Symposium

Content and CDA Immunity

Moderator: Olivier Sylvain, Visiting Assistant Professor, Fordham Law School

Samir Jain, Partner, WilmerHale

Prior to 230, the analogue to ISP was a distributor: a bookstore. Distributors couldn’t be held liable for distribution unless they knew or should have known about that content. The courts initially tried to apply this framework. But Prodigy, which treated the ISP like a publisher because it did some filtering, sent a shockwave through the industry. 230 was a solution.

Who gets covered by 230? Basically everyone on the internet. When? When the information is provided by another information content provider—someone who’s responsible in whole or in part for the creation or development of the content. So can the defendant be held responsible for the creation or development of the content? Finally, does the action at issue treat the defendant as the publisher or speaker of the content? That’s not entirely clear—might only apply if publication or speech is an element of the tort, with defamation being a classic example, but in practice courts have applied it quite broadly.

First appellate decision: AOL v. Zeran, involving ads for obnoxious Oklahoma City bombing T-shirts that gave out Zeran’s phone number. Zeran wasn’t responsible but got a lot of threats and abuse. AOL delayed in taking down/preventing subsequent postings, and Zeran sued. The first two elements are easy: the only issue was would Zeran’s claim treat AOL as a publisher/speaker? Fourth Circuit said yes—holding someone liable for another’s speech is almost by definition treating them as the publisher/speaker.

Recently: Roommates and Craigslist, both about housing discrimination. Roommates: what was different was that all users were required to answer the multiple-choice questions, and any answer they give was, according to the plaintiffs, unlawful—the fact of revealing gender and number of children was a violation of the law. In that situations, Roommates.com was contributing/developing the unlawful content. This is distinguishable from cases in which the answers are unlawful for particular reasons—for example, when the answers are provided by someone who’s impersonating another person (Carafano). So how broad is Roommates? The court purports not to narrow immunity substantially, though there’s some loose language in there. Subsequent district court decisions haven’t read Roommates to work a big change in 230, though.

Craigslist: The 7th Circuit was unclear in its analysis. It didn’t answer the question of whether it was adopting the rule that 230 applies only when publication is a formal element of the tort. Much of its policy language supports a broad reading of 230—the costs to Craigslist of filtering are big. But it’s hard to tell.

Eric Goldman, Associate Professor of Law & Director of the High Tech Law Institute, Santa Clara University School of Law

230 is an incredibly broad and robust immunity that’s survived a host of attacks, 100+ lawsuits, with just a handful making some exception. Internet actors aren’t liable for 3d-party content, period. The period is the problem: bright lawyers think that they can outsmart Congress. But remarkably, they’re largely failing—Congress rarely establishes as clean a rule as here.

Exclusions: Electronic Communications Privacy Act (in his opinion, a null set); federal crimes, when the federal government brings a criminal prosecution (gambling, child pornography, obscenity—but the cases make clear that a state crime is preempted); IP (hot news, misappropriation, other state law claims). 9th Circuit tried to cut off the flexibility in IP by saying state law IP claims were preempted, based on a policy rationale favoring nationwide uniformity. That’s not a popular ruling outside the 9th Circuit.

Another possible workaround: Roommates—the site is responsible for the questions it picks. Possibly that can be extended to marketing representations, even when those representations can be rendered untrue by third-party content. If the site says “we don’t tolerate defamatory content,” and then someone posts defamatory content on the site, is there a cause of action for false advertising that isn’t precluded by 230? eBay v. Mazur: eBay represented that a third-party’s site was “safe.” eBay said: that’s the fault of the third party. The court said that eBay needed to be responsible for its own words.

Problem: plaintiffs are trying to take advantage of that in problematic ways—trying to hold sites responsible for negative covenants (“don’t post anything defamatory”) in their terms of service. Goldman thinks there are analytical difficulties with this, but that’s probably the most promising way around 230 because there are always marketing representations on a site that are not legal representations.

Why all the agita? 230 seems to break tort law, which we learned in law school applies when someone is involved in harmful activity. If you don’t want liability, do as little as possible. 230 breaks apart those principles as we learned them. A website isn’t liable even if it gets a C&D/takedown; even if it does something to manage/prescreen/edit the content; even if it profits from or takes ownership of third-party content; even if it looks like their content. That just doesn’t make sense from a common-law perspective, so we get the very smart Kozinski and Easterbrook thinking that it can’t be the law.

Two quick defenses of 230: (1) What content do people want to excise from the internet? Mostly, negative criticism/commentary. 230 prevents people from taking away negative content. Otherwise, we’d get a lopsided database. (2) Information markets. The job reference market is broken. Employers won’t give bad references for fear of liability. Compare product reviews on the internet. We see lawsuits against Yelp! users for posting, but Yelp! isn’t liable, and as a result millions of reviews are available on Yelp! Stark contrast to other regimes.

Nancy Kim, Associate Professor of Law, California Western School of Law & Visiting Associate Professor, Rady School of Management, University of California, San Diego

Statutory language: no provider shall be treated as the “publisher or speaker” of information provided by another information provider. Have the courts gone too far in interpreting this immunity? Courts have looked at the nature of the injury. But ISPs shouldn’t get a free pass for being socially irresponsible. They’re businesses, not free speech forums.

They should take reasonable measures to avoid harm. But offline and online are different, so reasonableness should differ. The volume of traffic, the size of the company, the difficulty of controlling content, and the problems of anonymity. There should be no pre-screening requirement, and no liability based merely on notice. Craigslist says 230 isn’t a general immunity from all civil liability. Craigslist itself had measures in place, warning posters against discrimination. The company is leanly staffed and gets millions of posts a day. Also, the Lawyers Committee could go after discriminatory posters themselves.

Roommates was different. It was foreseeable that posters would be prompted to post discriminatory ads. Roommates didn’t actually require posters to put in discriminatory information—posters could choose “no preference,” which wouldn’t violate the law. The problem was that they set up the website to prompt entry of discriminatory information.

Doe v. MySpace: A minor met an adult on MySpace then met him offline and was sexually assaulted. Claim: MySpace should have taken reasonable measures to avoid this, because it was too easy for minors to lie. Court rejected premises liability, but didn’t explain why not. It did apply what Kim considers a reasonableness analysis: MySpace had a minors policy, but the minor lied to avoid it. Age verification software too is not foolproof. Given the amount of traffic on the site, MySpace didn’t need to do more. Its business model wouldn’t work if it had to do more, and Congress has favored online business models.

What if it turned out that 15% of minors on MySpace were meeting adults and being sexually assaulted—would we still get the same result? As a society, that’s not a solution we could live with.

Turn to statute: 230 was designed, among other things, to incentivize blocking and screening technologies, and to immunize ISPs from liability for blocking content they don’t like.

How do we apply that to dontdatehimgirl.com, which publishes pictures and names (including pictures of a man’s driver’s license). All postings are anonymous. This kind of posting is likely to be impulsive. But the site is under no obligation to remove the content—even if you make up with the guy and want to remove it. Gossipreport.com encourages you to make up a profile about someone else, not yourself.

Is this really what Congress had in mind?

Rebecca Tushnet, Professor of Law, Georgetown University Law Center

Preliminary thoughts: notice the ideology encoded in the concept of “intermediaries”—I’m just the middleman—the term automatically calls our attention to the acts of compiling and aggregating. Compare this to “the press,” which also transmits the statements and images of other people (sometimes employees, sometimes not) and yet is traditionally thought at least somewhat responsible for what it transmits. On the other side, you can compare “common carriers,” which aren’t even intermediaries and nobody tries to hold them liable in the modern era. It’s maybe not surprising that we don’t know how to treat the man in the middle.

The moves in the argument over 230 are really well known, on the order of “I can’t pay the rent!—you must pay the rent!” (and somebody always ends up tied to the tracks). At this point I’m inclined to say we need housing reform: that is, if we think that 230 is failing to balance harms versus benefits properly, we need to look at other ways of achieving the benefits we want from regulation.

There are things about 230 that make me uneasy. Example: a pending false advertising/Quizno’s case, where Quizno’s asked users to make comparative ads, and a number of the funny ones said really nasty, possibly defamatory things about Subway sandwiches. If Quizno’s adopts the user-made ads as its own, shouldn’t it be responsible for any defamatory content therein?

Another question to be answered: Lack of uniformity across liability regimes: is IP’s difference from other rights sufficient to justify special treatment? Political power is the easy answer for why IP got treated specially, but there are possible defenses if you think IP rights are easier to enforce or harder to abuse than other claims. (If you think that, do you think that just about copyright? Or do you extend that to trademark? What about the right of publicity? Should publicity be treated the same as privacy?) Should we move towards a more uniform, European-style model where all the rules about intermediary liability are the same?

When we talk about changing 230, though, we go instantly to the move, countermove. Move: it’s impossible to monitor all our content; countermove: but you’re hurting innocent people. Possible synthesis? Notice and takedown: works clunkily with copyright infringement, which is easy compared to defamation and related torts, with which most would-be reformers of 230 are concerned. Potential harms to accused users: When users lose posts or accounts, their lives can be disrupted—social networks are valuable to them not just because of particular content, but because of relationships. Privacy issues: anonymity is an important value for many people; a notice and takedown regime would require the sacrifice of that anonymity to defend a statement challenged by someone upset about that statement.

This is also a debate about acceptable business models: what risks ought an intermediary to take as a cost of doing business? 230 says: not many. Speaking in “business model” terms makes it sound as if greater liability would be fine, just a matter of money, but I don’t think that’s right. The landmark NYT v. Sullivan case establishing newspapers’ almost complete freedom under the First Amendment to say things about public figures was also a case about business models. The Court was quite clear that it endorsed the paper’s business model as a means of implementing First Amendment values—if the paper had to do more fact-checking, it wouldn’t run as many political ads or stories.

Sullivan precludes defamation liability for speech about public officials unless there’s clear and convincing evidence of actual malice, which means actual knowledge or red flags about the falsity of the information published. This rule is especially useful for intermediaries.

A printer reproducing his own words can more easily assess whether he has taken reasonable care to verify truth; the real speech-chilling effects of a negligence standard come when he must guess whether someone else who wants to use his press has also taken reasonable care. Moreover, the printer-intermediary is likely to be less committed to getting a message out than a printer-speaker; more inclined to doubt the truth of another’s claims than of his own, and thus not overconfident about his chances of success in a lawsuit; and overall more risk-averse than individual speakers, not least because of the likelihood that the printer has deeper pockets and is a more attractive defendant from a plaintiff’s perspective. Sullivan, though of course protecting individuals as well, removes barriers that disproportionately discourage intermediaries from carrying others’ speech.

Thus, the Supreme Court in Sullivan analyzed what the Times knew about the truth of the statements at issue, not what the individual author of the ad knew. But Sullivan has not generally been understood as a case about intermediary liability. We have 230 because it was unclear how far Sullivan’s rationale—protection for certain speech-based business models—would extend past its rule—no liability for defamation without actual malice. Now, we’re in a better position to say that some business models do produce a more robust speech environment, and the First Amendment has to be an important concern when we talk about reforming 230.

Standard countermove to Professor Kim: the ISP says, if you make a non-immunity rule, I will take down any content about which I get a complaint. Doesn’t matter whether I’m allowed to take the chance and keep up material I’m not sure about. I won’t, because it’s not worth it to me, for exactly the reasons mentioned above.

Where do people engage in free speech? Central Park? Not very likely these days. If we want practical access, it will move through private entities, whether the NYT or the NYT website.

My preference for solving some problems, though not all: Governance solutions: if intermediaries aren’t responsible for user-provided content, then they should have to give up some control over that content—they shouldn’t be able to use contracts to assert absolute dominion over what they allow. If it isn’t their content when it hurts third parties, then at the very least the people whose content it is should be allowed to play a role in governing the community of which they are a part.

Jain: It is true that ISPs will take down any challenged content if there’s any risk of liability. Even if you say there’s only a 5% risk, why will they take the risk, let alone litigation costs? Liability creates a heckler’s veto. If reasonableness depends at all on notice, then rather than expend resources the ISP will take down the content 99% of the time. There may be cases in which social values outweigh the costs (protection of youth), but as appealing as reasonableness sounds, the practical implication is that any content subject to reasonableness will disappear if challenged.

Goldman: Despite 230, you can get content off the internet from a lot of places just by asking. The incentive structure applies even with immunity. Also: has anyone in the room actually personally gotten a C&D? As a blogger, he gets them more than he likes. Being in the sights of someone in the business of suing people isn’t fun.

Kim: Sensitive to 1A concerns, but thinks they’re exaggerated. Most businesses that we think about do act in responsible, reasonable manners under her proposed model, which looks at the front-end procedures a business has in place, not the content after the injury. There was nothing in the NYT’s business model that was unreasonable. An online reasonability model could be found, taking into account things like the way that anonymity encourages defamation. Ratemyprofessor.com requires students to register, but dontdatehimgirl.com doesn’t.

Tushnet: Consider Kim’s front-end theory in light of the Tiffany’s case, to be discussed—how much has it cost eBay to establish that it’s reasonable (pending appeal)?

Q: If someone were featured on the dontdatehimgirl.com site, what would the panel recommend to do about?

Kim: Not sure there’s a good answer.

Goldman: There are ways to push that into the second page of Google results, which makes them obscure/effectively disappear.

A: Can complain to the website, citing the ToS, and generally they take it down.

Kim: If it’s a responsible business—people who make up with their exes sometimes fail to get content down from dontdatehimgirl.com, because it makes the site more popular.

Jain: Analyzing the business model is a dangerous road to go down. What Congress clearly said was that it wanted vibrant and competitive internet—a host of business models, not ex ante judging of what business models are okay. Is it reasonable to say that a 30-employee site doesn’t need to screen, or is it unreasonable not to have enough employees to screen? A detriment to innovation.

Goldman: Does dontdatehimgirl.com invite inappropriate content? The principle: people should be accountable for their choices. There might be people out there who are really bad dates. Not just boring, but bad. We might want there to be information about that circulating. Whether that site promotes the goal is up for debate, but it’s not the wrong kind of information inherently.

A: Recourse—can post response in the comments—this poster is a psychopath. (Though that response may not help a lot.)

Goldman: People can generate information a variety of ways—allow discussion and remove problematic content; other sites don’t remove content no matter what and don’t allow the target to reply—230 allows a heterogeneity of solutions. It is true: If you don’t have a right of reply on the site, you can get stuck.

Q: Juicycampus.com: The New Jersey prosecutors had trouble finding the posters of defamatory content—a specific problem where the website wouldn’t allow more speech. Is this really protected speech? How does society benefit?

Goldman: Thinks the questioner is talking about AutoAdmit, where students had trouble finding jobs. Juicycampus is the market working very well. A site was eliciting a lot of not credible content; it got drummed out of the marketplace. We are coming to a catharsis about sites that are worthy of our time and credit and sites that aren’t.

A: Public interest—one justification for free speech is not about serving the public interest, but about individual autonomy. Even if the speech is worthless to others.

Q: Generational issue, and we’re all on the wrong side in analyzing how distasteful and potentially harmful information that is not attributable to a person may be. Older people regard it as much more dangerous.

Kim: Not sure it’s true that young people don’t care, but assuming it is, they aren’t thinking longterm. Think of the stuff you didn’t care about other people knowing when you were in college.

Goldman: There was a groundswell of students who protested Juicycampus and argued for self-restraint in using it. Students can make some judgments, even as they figure out reputation in the long run.

My thought: Gender makes a big difference too. With AutoAdmit, women were afraid to go to the gym because of anonymous posters about how they looked at the gym. That’s a real cost.

Kim: Consider the chilling effect of this speech on the speech of the targets. It’s free speech v. free speech—what type of discourse do we want to take shape on the internet?

Q: The legal framework may be at odds with social practice. The definition of what is truly defamatory today may be at odds with the Victorian framework of what counts as defamation. Certain criticisms no longer cause the same kind of harm that they did when the law was formed. People are now aware that the internet counts as public—if it’s out there, it’s up for comment. So maybe we need to change the definition of public figure. (I think this is overstated; people still have local expectations of privacy—in fact, I don’t expect 10,000 people to read my blog. The collapse of the interval between globally public and completely private is a problem, and it’s not complete either.)

Goldman: with every tech, there’s a lost generation. The people afterwards learn from their mistakes.

My thought: danah boyd talks about anonymity/pseudonymity as a positive value from teen perspectives, because young people have been taught not to use their real names in order to protect themselves. To then condemn anonymity/pseudonymity seems odd to them.

Reform proposals?

Kim: Likes the 7th Circuit rule on publishers. In general, 230 is okay, but reasonableness should come in. She thinks notice and takedown should exist in three cases: (1) where the poster requests the takedown; (2) a naked picture if there’s no written authorization from the subject and the request comes from the subject; (3) a picture of a minor, on request. (Bye-bye, Star Wars Kid.) If they don’t, they should be open to suit on standard grounds, which means they wouldn’t necessarily be liable but it would depend on the background rules.

Goldman: Likes 230; every system has its costs. What made the internet succeed? He can’t rule out that 230 was a big factor. Tinkering with 230 might undo some of that “secret sauce.” He thinks it’s a huge government success.