Header graphic for print

Socially Aware Blog

The Law and Business of Social Media

Google Ordered to Remove All Copies of Anti-Islamic Film From YouTube After Actress With Bit Part Threatened by Outraged Muslims; Decision Puzzles Copyright Attorneys

Posted in Copyright, Litigation

An aspiring actress moves to California and finds her life threatened. While standard fare for pulp fiction, the case of Garcia v. Google involves a twist on this well-worn plot line that not even the most imaginative Hollywood scriptwriter could invent.

Cindy Lee Garcia answered a casting call for a low-budget amateur movie with the working title Desert Warrior. The film’s writer and producer told her that it would be a “historical Arabian Desert adventure film.” Ms. Garcia received $500 for her performance in the film. It turns out the actress was misled by the producer, Mark Basseley Youssef (aka Nakoula Basseley Nakoula, aka Sam Bacile), a Coptic Christian from Egypt, who was reportedly working in conjunction with an American non-profit, Media for Christ. The filmmakers had no intention of making an adventure film; rather, the end product – titled Innocence of Muslims – is an anti-Islamic account of the Prophet Mohammed that many Muslims find highly offensive and blasphemous.

In July 2012, Mr. Youssef posted a 14-minute trailer of the film to YouTube, which is owned and operated by Google. Ms. Garcia appears for about five seconds in the trailer. The film overdubs her voice with lines she never actually spoke. In September 2012, an Egyptian cleric issued a fatwa against all involved in the film, calling on Muslims to “kill the director, the producer, and the actors and everyone who helped and promoted the film.” Ms. Garcia claims that she began to receive death threats and was forced to take precautionary measures at great expense to protect herself from retribution.

Sending takedown notices under the Digital Millennium Copyright Act, Ms. Garcia demanded that Google remove all copies of the trailer from YouTube. Google declined to do so. In September 2012, Ms. Garcia sued Google, later also naming YouTube, asserting claims for copyright infringement. In October 2012, Ms. Garcia moved for a preliminary injunction, seeking to have Google take down all copies of the movie trailer from YouTube. Continue Reading

Employer Access to Employee Social Media: Applicant Screening, ‘Friend’ Requests and Workplace Investigations

Posted in Employment Law, Privacy

A 2013 CareerBuilder survey of hiring managers and human resource professionals reports that more than two in five companies use social networking sites to research job candidates. This interest in social networking does not end when the candidate is hired: to the contrary, companies are seeking to leverage the personal social media networks of their existing employees, as well as to inspect personal social media in workplace investigations.

As employer social media practices continue to evolve, individuals and privacy advocacy groups have grown increasingly concerned about employers intruding upon applicants’ or employees’ privacy by viewing restricted access social media accounts. A dozen states already have passed special laws restricting employer access to personal social media accounts of applicants and employees (“state social media laws”), and similar legislation is pending in at least 28 states. Federal legislation is also under discussion.

These state social media laws restrict an employer’s ability to access personal social media accounts of applicants or employees, to ask an employee to “friend” a supervisor or other employer representative and to inspect employees’ personal social media. They also have broader implications for common practices such as applicant screening and workplace investigations, as discussed below. Continue Reading

A Smart Wallet

Posted in Financial Institutions, FTC, Privacy

Another great post from our sister blog, MoFo Tech:

The potential for mobile payments is huge. So are the potential legal and regulatory hurdles.

Banks, retailers, and pundits are paying a lot of attention to mobile payments, which typically involve the use of smartphones and tablets to pay for purchases.  But a lack of mobile infrastructure has kept the use of mobile payments fairly low in the U.S.

The space is evolving quickly, however.  More infrastructure is being rolled out, while new software and cloud-based solutions are enabling payment processing without the need for a network of specialized in-store terminals.  For their part, consumers are already well equipped to take advantage of these developments.  Today, 61 percent of American consumers have smartphones or tablets, up from 48 percent last year, according to a recent study from Vantiv, a provider of payment processing strategies, and the Mercator Advisory Group, an independent research firm.

Many of these consumers are already using these devices as shopping tools—comparing in-store prices with online prices, researching products, downloading coupons, and discussing potential purchases with friends.  So it’s fair to assume that consumers will adopt mobile payments quickly as they become easier and more widespread.  By 2018, Mercator estimates, the value of mobile payments will increase sevenfold, to $362.8 million a year, up from $51.4 million today.

There’s a great deal of opportunity here.  But there’s also much to consider from a legal standpoint, because mobile payments represent the convergence of business, technology, and banking.  “You have to think about issues like the structure of the mobile payment offering, including the source and settlement of the funds to determine the applicable regulatory framework,” says Obrea Poindexter, a partner at Morrison & Foerster who leads the mobile payments group.  “There are technology issues relating to cybersecurity and authentication as well as regulatory issues, such as maintaining the privacy of consumer data and complying with anti-money laundering laws.”

Continue Reading

German Court Rules Against Facebook’s “Friend Finder”

Posted in Litigation, Privacy

On January 24, 2014, in a case filed against Facebook by German consumer protection association VZBV, the Berlin Court of Appeal (“Court”) upheld a lower court ruling that Facebook’s “Friend Finder” function is unlawful. The Court agreed with the Berlin Regional Court’s 2012 decision that the Friend Finder function violates both German data protection law and unfair trade law, and re-affirmed the invalidity of several clauses in Facebook’s privacy notice and other online terms and conditions. VZBV has reported the ruling as a consumer victory, stating that the ruling recognizes that privacy is a consumer protection issue.

At the time of the original complaint, Facebook’s Friend Finder function invited users to “find friends from different parts of [their] life” by providing various pieces of information to the Facebook site, such as the schools their friends attended or the names of their friends’ current employers. Friend Finder also invited users to upload personal contacts from other platforms, including Skype and MSN, which enabled Facebook to add those contacts to its database and send them emails inviting them to join the social media platform. The complaint alleged that once Facebook had gathered this data, it could be used for other purposes, including commercial purposes. The Court held that Facebook had failed to provide adequate notice to users regarding this data import, and that its importing of non-users’ contact information constituted the collection of personal data of individuals who were not registered Facebook users without their knowledge or consent.

First, the Court established that German law applies to Facebook in this case because, although the social network’s European headquarters are based in Ireland, the U.S. parent company processes the applicable data and sets cookies on users’ computers located in Germany. The Court also pointed out that Facebook’s use of German service providers results in the application of German law. These facts distinguished the case from a recent ruling of the Schleswig-Holstein Administrative Court, which stated that Irish law—not German or U.S. law—applied to certain Facebook marketing activities in Germany because those activities were controlled from Ireland.

Turning to Friend Finder, the Court found that a breach of data protection law also constitutes a breach of the German Unfair Trade Act (“Unfair Trade Act”). More specifically, according to the Court, the fact that the Friend Finder function collected certain data without informing users or obtaining their consent, breached Germany’s Data Protection Act and Telemedia Act, and the subsequent use of such data for commercial purposes without notice or consent violated the Unfair Trade Act.

The Court also found that Facebook’s email invitations to non-users asking them to register with Facebook, without recipients’ prior explicit consent, amounted to unlawful email marketing under the Unfair Trade Act. The Court highlighted that Facebook itself was the sender of these emails, not Facebook’s users (as might be the case with other companies’ “tell-a-friend” marketing functions), and that Facebook users were deceived because they were unaware that the contact information they had uploaded to the service would be used to send emails to their contacts.

Finally, the Court found certain clauses in Facebook’s terms and conditions (Allgemeine Geschäftsbedingungen) and privacy terms (Datenschutzrichtlinien) to be invalid, for a variety of reasons. For example, Facebook’s terms and conditions granted the company a worldwide license to use works such as photographs and videos uploaded by users, and the wording of the terms would have permitted the marketing and sale of such materials to other companies for commercial use. The Court found such license to be invalid without obtaining users’ specific consent based on “clear” and “easy to understand” language. Various other provisions, including those that gave Facebook the right to unilaterally modify its privacy terms and other terms and conditions, were also found to be unclear and therefore invalid.

Facebook’s mechanism for obtaining consent to its privacy terms turned out to be critical to this case. Currently, consumer associations are only permitted to bring actions in Germany regarding privacy terms that are considered to be “general terms and conditions” and thereby subject to certain rules concerning standard terms and conditions. Where those rules apply, Germany’s unfair trade provisions are applied. For several years now, VZBV has been lobbying the German government to pass legislation permitting actions related to data protection to be brought directly, and indeed, the German government announced in February 2014 that a draft bill amending the German Injunctions Act is expected in April 2014.

The amendments to the German Injunctions Act are anticipated to extend the scope of certain of its provisions that permit consumer associations to initiate summary proceedings to defend individuals’ rights, so that such provisions cover data protection laws. If these amendments are made, then the Injunctions Act would provide a new legal basis for litigation in Germany related to privacy and data protection.

Driving Under the Influence (of Google Glass)

Posted in Wearable Computers

In September 2013, Socially Aware took a close look at the potential legal issues confronting users of Google Glass, the now instantly recognizable, compact head-mounted display mounted on a pair of specially designed eyeglass frames, which lets wearers access a variety of customized smartphone features.

In the meantime, Google’s Glass Explorer Program has expanded steadily.  In October 2013, the company announced the ability for each Explorer to invite three friends to join and purchase a Glass, and officially rolled out its “Glassware” app review program.  With the expansion of the Glass Explorer Program, several of the issues we identified last fall have come into sharper focus, including one that could have a real impact on wearers’ daily lives.

California Vehicle Code Section 27602

On October 30, 2013, Cecilia Abadie was ticketed by a California police officer—not just for speeding, but for wearing her Google Glass while driving.  The officer who ticketed Abadie cited a provision of California’s Vehicle Code, VC Section 27602, for the Glass-related violation.  The relevant portion of the law states:

(a) A person shall not drive a motor vehicle if a television receiver, a video monitor, or a television or video screen, or any other similar means of visually displaying a television broadcast or video signal that produces entertainment or business applications, is operating and is located in the motor vehicle at a point forward of the back of the driver’s seat, or is operating and the monitor, screen, or display is visible to the driver while driving the motor vehicle.

Naturally, VC Section 27602 was written before the advent of Google Glass (and it hasn’t been amended since 2011).  The law carves out several exceptions for equipment “when installed in a vehicle,” including global positioning and mapping displays, rear-view cameras (“[a] visual display used to enhance or supplement the driver’s view forward, behind, or to the sides of a motor vehicle for the purpose of maneuvering the vehicle”), and even television receivers that are disabled or unviewable while the vehicle is driven.

Abadie decided to fight the ticket, and on January 16, 2014, she was found not guilty by the San Diego Traffic Court Commissioner.  You can read a copy of the ruling on Abadie’s Google+ profile.  The Commissioner’s decision relied on the fact that there was no proof that Abadie’s Glass was in operation while she was driving.  This highlights an interesting difference between, on the one hand, dashboard-mounted screens, and on the other hand, compact head-mounted displays that may or may not have a visible “on” indicator: it’s much easier to tell whether a dash-mounted screen is “operating” at any given time.

In November 2013—notably, after Abadie was issued her ticket—Google reportedly updated its Glass FAQ to answer the question, “Can I use Glass while driving or bicycling?”:

It depends on where you are and how you use it.

As you probably know, most states have passed laws limiting the use of mobile devices while driving any motor vehicle, and most states post those rules on their department of motor vehicle websites.  Read up and follow the law!  Above all, even when you’re following the law, don’t hurt yourself or others by failing to pay attention to the road.  The same goes for bicycling:  whether or not any laws limit your use of Glass, always be careful.

Safe Driving Apps on Glass

The question of whether driving while wearing Glass is legal is different from the question of whether it’s safe.  Many contend that Glass and similar devices simply add to an already long list of driver distractions.  But others argue that some Glass apps—particularly apps that are specifically designed to be used while driving—are not only safe, but actually a positive alternative to using dashboard navigation systems that force drivers to take their eyes off the road repeatedly (and certainly a better alternative to the somehow irresistible urge to take out one’s smartphone to check messages or hunt for traffic alerts).  To put it another way, there’s a difference between merely using Glass while driving, and using Glass for driving.

For example, one sideloadable Glass app, DriveSafe, is designed specifically to make driving safer by using Glass’s built-in sensors to alert the driver when he or she appears to be nodding off.  The app, which is activated with the phrase, “OK Glass, keep me awake,” can even provide its wearer with directions to the nearest rest stop.  Another developer, INRIX, is exploring the possibility of porting its traffic app to Glass in order to enable drivers to receive real-time traffic alerts in their head-mounted displays and help them reroute their trips, all in a reportedly unobtrusive manner.  Query whether the prevalence of safety-specific Glass apps will see the advent of a “driving mode” for wearable head-mounted displays.

There is at least one Glass app whose safety implications are tough to refute: developed by a firefighter in North Carolina, the app feeds critical emergency information, such as a fire’s location and type, directly to a firefighter’s line of vision while driving, potentially eliminating the need to reach for a radio, mobile phone, or other device to retrieve the same information.  And firefighters may not be the only civil servants seeking to take advantage of Glass; in early February 2014, the NYPD announced that it is testing Glass for potential use by its officers.  Although the specific uses being tested haven’t been announced, it is easy to see how police officers could benefit from wearable head-mounted displays while driving, for example, by viewing details about crimes in progress, getting help with identifying vehicles, or recording offenders on the road.

The Future of Driving with Glass

Although it may be too early to accurately gauge the dangers of driving while wearing head-mounted displays, lawmakers are trying to regulate their use, and are likely to continue to do so—particularly where existing statutes might not do the trick.  At least five states are already considering bills that would ban driving with Google Glass: Delaware, New Jersey, West Virginia, Illinois, and most recently, Wyoming, whose proposed bill lumps Glass together with “texting while driving”:

No person shall operate a motor vehicle on a public street or highway while using a wearable computer with head mounted display, or while using a handheld electronic wireless communication device to write, send, or read a text-based communication.

And even though Glass is currently available only to U.S. residents (the Device Specific Addendum of Google’s Glass Terms of Sale states, “You must be 18 years or older, a resident of the United States, and authorized by Google as part of the Glass Explorer program in order to purchase or use Glass Explorer Edition”), the UK government is already contemplating a ban on Glass for drivers.

It will be particularly interesting to see how these new pieces of legislation address drivers who wear corrective lenses.  Originally, prescription lenses simply weren’t compatible with Glass (although that didn’t stop people from retrofitting earlier versions of the device with prescription lenses, including one man who was detained in January 2014 by federal agents after he wore his Glass to a movie theater and was suspected of trying to record the film using the device’s camera).  But in late January 2014, Google announced that it will be selling Glass frames that are designed to accommodate prescription lenses; and Vision Service Plan, the largest vision insurance provider in the United States, has announced that it will be offering subsidized frames and prescription lenses for Glass.  As head-mounted devices with prescription lenses become more prevalent, we are likely to see a larger population of users who simply can’t remove their head-mounted displays, particularly during vision-critical activities such as driving.

The story here is not an uncommon one.  The law struggles to catch up with advanced technologies like Glass and their new perceived risks; meanwhile, governments continue to use old laws to address those new risks, even though the fit isn’t always perfect.  Keep your eyes on the road, and we’ll keep our eyes on further Google Glass legal developments.

Social Media 2014: Addressing Corporate Risks

Posted in Employment Law, Event, IP, Online Promotions, Privacy

Please join Socially Aware editor John Delaney as he chairs Practising Law Institute’s (PLI) “Social Media 2014: Addressing Corporate Risks.” Issues to be addressed at the conference include:

  • Social media: how it works, and why it is transforming the business world
  • Drafting and updating social media policies
  • User-generated content and related IP concerns
  • Ensuring protection under the CDA’s Safe Harbor
  • Legal issues in connection with online data harvesting
  • Online marketing: new opportunities, new risks
  • Privacy law considerations
  • Practical tips for handling real-world issues

Representatives from Facebook, Pinterest, Google and other companies will be speaking at the event. The conference is being held in San Francisco on Monday, February 10th and in New York City on February 26th. The February 10th event will be webcasted. For more information or to register, please visit PLI’s website here.

New Issue of the Socially Aware Newsletter Available

Posted in Employment Law, Financial Institutions, First Amendment, FTC, Privacy

The latest issue of our Socially Aware newsletter is now available here.

In this issue of Socially Aware, our Burton Award-winning guide to the law and business of social media, we summarize the FFIEC’s recently-issued final guidance on social media use by financial institutions; we report on a new NLRB decision holding that particularly egregious social media postings by employees may fall outside the protections of the NLRA; we provide an update on the California Attorney General’s guidance regarding compliance with the state’s “do-not-track” disclosure requirements for websites; we discuss a recent case that calls into question the status of domain names as intangible property; we take a look at the latest in a string of cases exploring the First Amendment status of social media activity by government employees; and we highlight an important FTC settlement with a mobile app publisher related to data collection and sharing disclosures. All this plus a collection of surprising statistics about the most popular people, videos, tweets and hashtags of 2013.

Keeping Privates Private: The Legal Landscape of Revenge Porn

Posted in Copyright, DMCA, First Amendment, Privacy

Mark Zuckerberg famously stated that the purpose of Facebook is “to make the world more open and connected,” and indeed Facebook, other social media outlets and the Internet in general have brought worldwide openness and connection-through-sharing to levels unparalleled at any point in history. With this new universe of limitless dissemination often comes the stripping away of privacy, and “revenge porn,” a relatively new but seemingly inevitable outgrowth of social media and the Internet, is stripping away privacy in the most literal sense.

Defining “revenge porn” is relatively simple and does not require any sort of “I know it when I see it” test; in short, “revenge porn” is the act of publicly disseminating nude photographs or videos of somebody without her or his consent. The name derives from the fact that the act is most often associated with spurned men posting photos on the Internet that were received from their ex-girlfriends in confidence as “revenge” for breaking up with them or otherwise hurting them. But recently, more and more photos are popping up that were either taken without the victim’s consent or that were obtained by hacking a victim’s email or computer.  Revenge porn website operators invite users to post nude photos of their exes (or of anybody else, for that matter) and often allow the community to comment on the photos (which in many cases results in a barrage of expletives aimed at shaming the victim).

Recently, operators of revenge porn sites have taken attacks to a higher level, inviting visitors to post victims’ full names, addresses, phone numbers, places of work and other items of personal information alongside their photographs.  In some cases, victims’ faces are realistically superimposed onto nude photographs of pornographic actors or actresses in order to achieve the same effect when no actual nude photographs of the victims can be found. Victims of revenge porn often suffer significant harm, facing humiliation, loss of reputation, and in some cases, loss of employment. Due to the all-pervasive and permanent nature of the Internet, once a victim’s photo is posted online, it is very difficult for him or her to have it completely removed.  Operators of revenge porn sites have sometimes capitalized on this fact by offering to remove the photos for a fee (or running advertisements for services that will do so).

Operators of revenge porn websites often shield themselves behind the First Amendment, and website operators have been known to employ sophisticated legal teams in order to protect themselves from civil and criminal liability and to maintain operation of their sites.  Nonetheless, the law provides several avenues for victims seeking to have photos removed from websites, obtain restitution and, to the extent damage has not already been done, clear their names.

Self-Help as a First Step

Although the Internet is the tool used to disseminate revenge porn, it also now provides resources for victims who seek help in dealing with this invasion of privacy.  The website WomenAgainstRevengePorn.com contains a step-by-step guide to getting nude photos removed from the Internet, as well as contact information for lawyers and other advocates for revenge porn victims in various states.

According to WomenAgainstRevengePorn.com, the first step to mitigating the damage of revenge porn is to establish more of an online presence.  Although this may be counterintuitive, it is actually a logical approach: one of the biggest harms of revenge porn is that a friend, family member or employer will find nude photos when entering the victim’s name into a search engine.  By opening Facebook, Twitter, Pinterest and Instagram accounts under his or her name, a victim may be able to move the revenge porn photo to a lower position in search engine results.

Because nude photos tend to be spread quickly on the Internet, WomenAgainstRevengePorn.com also encourages victims to use Google’s reverse image search engine to find all websites where the victim’s photos may appear.  After taking careful note of all locations where such photos appear, victims are encouraged to file police reports.

Copyright Infringement

The next step in removing photos recommended by WomenAgainstRevengePorn.com, which has been successful in a number of cases (including as described in this particularly fascinating account), is for the victim to take advantage of U.S. copyright law.  Under U.S. copyright law, a person who takes a nude photo of herself or himself is the owner of the copyright in that photo and thus can enjoin others from reproducing or displaying the photo.  A victim may, therefore, submit a “takedown” notice under Section 512 of the Digital Millennium Copyright Act (DMCA) to the webmasters and web hosts of the offending sites as well as to search engine sites where the nude photo may come up as a search result (Google even provides step-by-step instructions).  Because the DMCA provides an infringement safe harbor to web service providers who comply with the statute’s requirements, many search engines and web hosts will remove revenge porn photos upon receipt of a takedown notice.  If the photo is not removed, the victim may consider registering his or her copyrights in the photos and suing the web host or search engine in federal court, although this may not always be a desirable approach for the reasons described below.

Using copyright law to fight revenge porn, while effective to an extent, is not without problems, including the following:

  • It only works if the victim owns the copyright.  While many revenge porn photos are taken by the victim himself or herself and then posted without his or her consent, this is not always the case. In situations where another person took the photo –e.g., if the victim’s girlfriend or boyfriend took it, or if the photo was taken secretly without the victim’s consent–the victim would not be the copyright owner and thus could not use copyright law to force removal.
  • Website operators may reject copyright infringement claims and refuse to remove the offending photos.  Although a victim could move forward with litigation to obtain an injunction and possibly monetary damages, revenge porn operators are often confident that (a) the costs of litigation are too expensive for many revenge porn victims and (b) many revenge porn victims fear making their situations even more public by bringing suit. To mitigate the risk of such increased exposure, victims can attempt to bring suit pseudonymously, and there are resources on the Internet devoted to assisting with this.
  • Even if a website operator removes the photos of one victim who follows all of the necessary steps to enforce his or her copyright, the website will still display photos of hundreds, if not thousands of other victims.

Thus, copyright law is not always enough to effectively combat revenge porn.

Defamation, Privacy and Other Related Laws

Several victims of revenge porn, as well as people who have had other personal information of a sexual or otherwise inappropriate nature published on revenge porn websites, have launched civil lawsuits under theories such as defamation, invasion of privacy, and identity theft.  As we have reported previously, one high profile example of this came in July 2013, when a federal judge in Kentucky allowed a defamation lawsuit against the operator of a site called TheDirty.com to proceed and a jury awarded the victim (about whom the site had published false accounts of her sexual history) $338,000.

Prosecutors have also taken advantage of the fact that the operators of these sites often engage in criminal activity in order to obtain and capitalize on nude photos.  On January 23, 2014, Hunter Moore, known by some as the “most hated man on the Internet” and probably the most famous and successful revenge pornographer to date, was arrested on charges of illegally accessing personal email accounts in order to obtain photos for his revenge porn site.  Further, California Attorney General Kamala Harris recently announced the arrest of a revenge porn site operator for 31 accounts of conspiracy, identify theft and extortion based on the unauthorized posting of nude photos.  Depending on the outcome of these cases and civil cases such as that against TheDirty.com (and their inevitable appeals), revenge porn victims may soon have additional avenues of legal recourse.

The most commonly used defense of website operators against charges like those discussed above is 47 U.S. Code § 230(c)(1), the provision of the Communications Decency Act of 1996 (CDA) that states: “no provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.”  Revenge porn website operators have cited this statutory provision to argue that they are not responsible for the images they host if the content was provided by other users.  However, § 230 might not provide a defense in all cases.  First, § 230 does not grant a website operator immunity from federal criminal laws, intellectual property laws or communications privacy laws (such as the laws that Hunter Moore allegedly violated).  For example, if a website operator uses a photo of a victim submitted by a third party to extort money from the victim, § 230 would not provide any defense. Second, § 230 may not protect a website operator if the site contributes to the creation of the offending content.  In the case against TheDirty.com referenced above, the court rejected the operator’s § 230 defense, pointing out that the operator, who edited and added commentary to the submitted offending content, “did far more than just allow postings by others or engage in editorial or self-regulatory functions.” It is noteworthy, however, that the website operator of TheDirty.com has filed an appeal in the Sixth Circuit and that TheDirty.com did prevail in a 2012 case based on similar facts).

State Anti-Revenge Porn Laws

Another approach to deterring website operators from posting unauthorized nude photos is passing laws that criminalize that specific activity.  As of today, only two states, New Jersey and California, have such laws. These laws are fairly limited in scope in order to pass constitutional muster under the First Amendment. California’s law, enacted on October 1, 2013, is subject to a number of limitations. For example, it does not cover photos taken by the victim himself or herself, it does not apply if a third party obtains the photos through hacking, and a website operator can only be prosecuted if the state can prove that the operator intended to cause emotional distress.  Further, the penalties under this law are relatively minor: distribution of unauthorized nude images or videos is a misdemeanor, with convicted perpetrators facing six months in jail and a $1000 fine.  Nonetheless, free speech advocates, including the Electronic Frontier Foundation (EFF), have criticized the law, stating that it is overly broad, criminalizes innocent behavior, and violates free speech rights.

Despite broad objections against anti-revenge porn laws from the EFF and various other free speech advocates, legislatures in several other states, including New York, Rhode Island, Maryland and Virginia, have introduced laws that would criminalize operation of revenge porn websites.  There is also discussion about enacting a federal anti-revenge porn statute. Whether these laws will be enacted, and the extent to which prosecutors will actually invoke these laws if they are passed, remains uncertain. But such laws could become powerful weapons in the fight to eliminate revenge porn.

As revenge porn is a worldwide phenomenon, jurisdictions outside the U.S. have also passed laws aimed at punishing the practice. For example, a law criminalizing non-consensual distribution of nude photographs of other people was passed in the Australian state of Victoria in December 2013. And, in January 2014, the Israeli parliament passed a law that criminalizes revenge porn, punishing website operators who publish unauthorized photos or videos of a sexual nature with up to five years in prison.

Conclusion

As long as people fall in (or out of) love (or lust) and cameras and the Internet exist, the proliferation of revenge porn websites will remain a troubling issue.  As discussed above, however, the law does provide at least some recourse to the victims of revenge porn.

You May Not Necessarily Be the Master of Your Domain

Posted in Litigation, Supreme Court, Trademark

The ability to associate goods and services with a specific domain name can make or break a business, so much so that companies are still willing to fork over millions to purchase domain names.  And although you may consider yourself lucky to have registered a catchy domain name that drives plenty of traffic to your website, query whether the domain name is actually your property; not only do companies that provide domain name registration services frequently take the position that domain names are not property, but at least one recent case law suggests this as well.

The concept that domain names can be “owned” as intangible personal property seems reasonable on its face, particularly given the close relationship between domain names and trademarks, the latter of which historically have been considered property.  Domain names frequently contain a registrant’s trade name or trademark associated with the registrant’s goods or services.  Moreover, the Anticybersquatting Consumer Protection Act of 1999 (15 U.S. Code § 1125) permits a trademark owner to pursue an in rem action against a domain name that violates the mark owner’s rights, and the availability of an in rem action implies that the Act treats domain names as property.

On the other hand, domain names and trademarks are distinguishable.  For example, certain prerequisites for federal trademark registration, such as proof of the mark being used in interstate commerce to identify a specific type of good or service, do not apply to domain name registrations (which instead are registrable on a first-come, first-served basis).  And although similar marks used by different companies can potentially co-exist depending on territorial and other factors, each registered domain name is unique, at least with respect to the applicable top-level domain.  (Given that uniqueness, and the ability of domain names to “point” Internet users to information sources, domain names have been likened to toll-free “vanity” telephone numbers; like domain names, vanity telephone numbers that include a company’s name or mark are, in a sense, tools that can help drive traffic to the company’s offerings.)

On November 7, 2013, in Alexandria Surveys, LLC v. Alexandria Consulting Group, the U.S. District Court for the Eastern District of Virginia held that under Virginia law, domain names, like telephone numbers, are not property.  In Alexandria, two competitors, Alexandria Surveys LLC (“ASL”) and Alexandria Consulting Group (“ACG”), each sought the rights to the domain name ALEXANDRIASURVEY.COM, which previously had been registered by Alexandria Surveys International (“ASI”), a debtor in bankruptcy.  ASL had purchased from Cox Communications ASI’s former telephone number and domain name, which had not been scheduled by the trustee in ASI’s bankruptcy proceeding.  ASI’s estate was later reopened, and among other assets, the trustee auctioned off that same telephone number and domain name to ACG.  The bankruptcy court ordered ASL to hand over the disputed assets to ACG, and ASL appealed.

The District Court, noting the absence of any on-point Fourth Circuit precedent, relied on the 2000 decision in Network Solutions Inc. v. Umbro International, Inc. et al., in which the Virginia Supreme Court held that domain names are contractual rights rather than property rights subject to garnishment, that is, that they are merely “the product of a contract for services between the registrar and registrant,” because they cannot exist without the provider performing services under the applicable domain name registration services agreement.  Although the court in Alexandria acknowledged a split in authority concerning the proprietary nature of telephone numbers, the court ultimately agreed with the Virginia Supreme Court’s conclusion that “Virginia does not recognize an ownership interest in . . . web addresses[,]” and held that ASI’s domain names were not transferred as part of the estate.  Although the court in Alexandria acknowledged that a domain name can be valuable, the court reasoned that such value is subjective and therefore in itself insufficient to support an argument that domain names constitute property.

The view that domain names are not personal property can be viewed as contrary to the Ninth Circuit’s well-known 2003 ruling in Gary Kremen v. Stephen Michael Cohen, et al., concerning the wrongful transfer of the highly lucrative domain name SEX.COM.  In Kremen, Gary Kremen, the original registrant of SEX.COM, sought to recover against Network Solutions (“NSI”) under theories of breach of contract and conversion after NSI transferred the domain name to Stephen Cohen without his authorization.  Although Kremen’s breach of contract claim failed for want of consideration—Kremen had registered SEX.COM in the mid-1990s, when NSI was issuing domain name registrations to companies and individuals free of charge—the Ninth Circuit ruled that a registrant does have a property right in a registered domain name and that the unauthorized transfer of that domain name serves as a basis for a claim of conversion.  In support of this conclusion, the Ninth Circuit pointed out that domain names represent an interest that is well-defined; that domain names are subject to exclusive possession or control; and that registrants can have a legitimate claim to exclusivity over domain names.

Meanwhile, some domain name registration service providers go to great lengths to inform their customers that domain names are not property.  Namecheap’s registration agreement states: “You further agree that domain name registration is a service, that domain name registrations do not exist independently from services provided pursuant to this or a similar registration agreement with a registrar, and that domain name registration services do not create a property interest.”  And GoDaddy’s registration agreement requires customers to “acknowledge and agree that by registering a domain name, you are not acquiring any property rights in that domain name.”

Also keep in mind that treating domain names as property is not without potential problems.  For example, as the Virginia Supreme Court pointed out in Network Solutions, treating domain names as property and thereby subjecting them to garnishment could open the door to garnishment of other business indicia, such as corporate names, “by serving a garnishment summons on the State Corporation Commission since the Commission registers corporate names and, in doing so, does not allow the use of indistinguishable corporate names.”  It is unclear how problems like these might be resolved in the future.

For now, the answer to whether domain names constitute personal property is a tough question and may depend on the jurisdiction where a claim is ultimately raised.  And, from a practical standpoint, care should be taken in how domain names are treated in commercial transactions, given that they are frequently among a business’s most important features. 

Uncovering a Line in the Sand: Employee Social Media Use and the NLRA

Posted in Employment Law, Litigation

If an employee calls his supervisor a “nasty motherf[**]ker” on Facebook, would the employee lose the protection that he would otherwise enjoy under the National Labor Relations Act (NLRA)?  Probably not, according to National Labor Relations Board (NRLB) decisions like Pier Sixty LLC.

In Pier Sixty, an employee reacted to a labor dispute by posting the following message about his supervisor on Facebook: “Bob is such a NASTY MOTHER F[**]KER don’t know how to talk to people!!!!!  F[**]k his mother and his entire f[**]ing family!!!! What a LOSER!!!! Vote YES for the UNION!!!!!!!” Despite the obscenities, the administrative law judge decided that the employee’s posting was concerted activity under the NLRA, which is activity by two or more employees that provides mutual aid or protection regarding terms or conditions of employment. This concerted activity was not egregious enough to cause the employee to lose the NLRA’s protections. Accordingly, the judge ordered the employer to reinstate the employee. This decision is not an anomaly among decisions interpreting the NLRA. In fact, a number of NLRB cases have held that use of the “f-word” did not exceed the bounds of the NLRA’s protection.

This has left employers wondering: Is there any limit to what an employee can post? Can postings otherwise covered by the NLRA ever go too far and cross the line into unprotected activity? In a recent decision, Richmond District Neighborhood Center, the NLRB demonstrated that it will draw a line in the sand, albeit a thin and distant one. Certain situations, particularly egregious postings by employees on social media sites, may fall outside the protection of the NLRA, even when the postings otherwise involve concerted activity.

Richmond District Neighborhood Center concerned a Facebook conversation between Ian Callaghan and Kenya Moore, who were both employed as teen activity leaders at the Richmond Neighborhood District Center, a non-profit organization that provides youth and family community programs. In a conversation visible only to their Facebook friends, Callaghan and Moore complained about management and discussed plans to defy the Center’s rules, posting statements such as:

“…let them figure it out and they start loosin’ kids I ain’t help’n HAHA.”

“…we’ll take advantage, play music loud … teach kids how to graffiti up the walls…. I don’t feel like being their b*tch and making it all happy-friendly middle school campy. Let’s do some cool sh*t, and let them figure out the money. No more Sean. Let’s f*ck it up.”

“HAHA we gone have hella clubs and take the kids.”

“[H]ahaha! F*ck em. Field trips all the time to wherever the f*ck we want!”

“I’ll be back to raise hell wit ya. Don’t worry.”

The Center fired Callaghan and Moore after another employee brought the conversation to its attention. Callaghan and Moore contended their activity was protected under the NLRA.

The administrative law judge found that the employees were engaged in concerted activity when voicing their disagreement with the Center’s management. The judge concluded, however, that even though the employees’ remarks constituted concerted activity, the activity was not protected under the NLRA. He stated: “[T]he question is whether the conduct is so egregious as to take it outside the protection of the Act, or of such character as to render the employee unfit for further service.”

The Center explained that the employees’ Facebook conversation was detrimental to its eligibility for grants and could raise serious concerns for parents of the youth served by the Center. The judge agreed, finding that the conversation was not protected under the NRLA because it “jeopardized the program’s funding and the safety of the youth it serves.” Moreover, the conduct rendered the two employees “unfit for further service.” The judge dismissed Callaghan and Moore’s complaint.

Although this decision uncovers a previously obscured line in the sand with regard to protected social media activity, employers should still exercise considerable caution when responding to complaints about an employee’s use of social media. Postings that are otherwise protected by the NLRA are unlikely to lose that protection merely because they are offensive, even if they use profanity. Nonetheless, the Richmond case reveals that conduct found to endanger an employer’s funding or client safety may potentially cross the line and fall outside the wide protection of the NLRA.

Editors’ Note:  The original posts quoted in this article did not contain asterisks; such asterisks have been added by the authors of this article.