May 21, 2012
Doctors' Online Reputation Management and Patient Reviews (Talk Notes from ASAPS Annual Meeting)
By Eric Goldman
I recently spoke at the annual meeting of the American Society for Aesthetic Plastic Surgery (ASAPS) in Vancouver, BC. This is not a normal conference venue for me! (And given the number of fashion-conscious people at the conference, I stuck out like a sore thumb for more reasons than one). Last year, I was recruited to participate on a panel Reputation Management--Managing Your Online Image to cross swords with Dr. Jeffrey Segal, Medical Justice's infamous CEO. It would have been an exciting session...except that Medical Justice "retired" its unacceptable approach late last fall, undercutting the main reason for my panel participation.
I nevertheless had the pleasure of meeting Dr. Segal, and no fisticuffs ensued, either physically or metaphorically. Medical Justice has totally reversed gears, and now they love patient reviews after trying to suppress them for four years. Unfortunately, Medical Justice screwed up the medical community with its persistent and mostly unrebutted advocacy for 4 years that patient reviews are evil. This miseducation really harmed the entire profession, and it will probably take years for the community to overcome the damage inflicted on it by Medical Justice and other anti-review naysayers.
As dramatic evidence of that, numerous entrepreneurs (including, I believe, Medical Justice) are helping doctors collect patient reviews through a centralized collection mechanism that, among other things, lets doctors review and spike patients' reviews before posting those reviews on patients' behalf to review sites. [UPDATE: Dr. Segal emailed me to indicate that Medical Justice's system passes through all reviews without giving doctors a veto.] Seriously, guys? The only advantage of this system is that the collection mechanism can authenticate review-submitters as actual patients of the doctor, but every other aspect of a mediated collection mechanism is bad news for patients, prospective patients and society at large. Doctors remain so petrified of organic word-of-mouth that they still feel the need to insert themselves in the middle of the process. Let it go, guys!!!
I made some notes before my talk, appended below. I also posted a reasonably comprehensive chart of doctor v. patient lawsuits over online reviews with the outcomes of those lawsuits to the best I could determine (if I've missed any lawsuits I should be tracking, please email me). I spoke fourth on the panel, so a lot of my remarks were preempted by the time we got to me. So here's what I would have said if I had been first on the panel:
_______
My talk notes:
1) Doctors are often initially skeptical of patient reviews. Why?
• Doctors may take reviews personally (true of most small business owners)
• Most patients aren’t expert evaluators of medical advice (also true of all professional service providers).
- especially in aesthetic plastic surgery, where the outcomes may be inherently subjective
- but many patient reviews don’t critique issues requiring medical expertise
• Patient confidentiality (e.g., HIPAA) may limit doctors’ ability to respond (confidentiality restrictions apply to many professional service providers)
• Historically, doctors’ marketing efforts haven’t tied directly to patient satisfaction. Insurance programs, peer referrals and individual word-of-mouth were much more important. Specialty doctors often had de facto geographic monopolies
• Negative reviews can cost doctors money. This is especially for elective procedures (like aesthetic plastic surgery) where many doctors are building national customer bases—and thus competing with other doctors across the nation
2) Whether doctors like it or not, patient reviews are here to stay
• Review sites are proliferating
• Patients are legally entitled to have their say
- Efforts to suppress patient reviews, such as the scheme advocated by Medical Justice, are probably illegal, probably unethical and almost certainly counter-productive
- Illegality: NY v Network Associates; HHS Office of Civil Rights; contract unconscionability; 512(f); others
- Review websites are legally protected by 47 USC 230
3) Rather than fighting patient reviews, doctors should embrace them
• Patients expect to check reviews before making economic decisions
- Consumer reviews are one of the most important pre-transaction information sources to consumers
- Consumers are skeptical of businesses that don’t have reviews
- If a doctor's competitor has reviews and the doctor don’t, the doctor is probably falling behind
• The vast majority of patient reviews are positive (~90% of doctor reviews). Tom Seery of RealSelf will be publishing empirical stats from his site showing how the vast number of patient reviews are positive. He called it a "J curve" of reviews--small number of negative reviews, even smaller number of mixed reviews, and huge number of positive reviews.
- “Wisdom of the crowds”: any one review is unreliable, but averages across large sets of reviews are quite reliable. Thus, doctors should seek to develop a critical mass of reviews (Dr. Grant Stevens called this "diluting the pathogen"--not sure I like the rhetoric, but the concept is right)
- Given the odds that the reviews will be positive, there’s no need to trick or incent patients to give positive reviews (ex: hotels routinely encourage all of their customers to reviews at TripAdvisor, knowing that most will say positive things)
4) What should a doctor do about a negative patient review?
• Product marketing: try to avoid negative consumer reviews by delivering good value. A doctor's patients can be its evangelists
• Consider if the negative review is right
- Patients provide incredibly useful feedback that can improve the doctor's business. Listen and learn!
- Openly admitting mistakes earns a lot of credibility
• Most of the time, doctors should take no action against a negative consumer review
- Consumers often discount the “high”/“low” reviews and focus on trends in the reviews
- Consumers are skeptical of business that only have positive reviews
- A few negative reviews in a group of largely positive reviews can actually increase sales (it makes the reviews more credible and helps consumers better gauge the potential downsides)
• If a doctor needs to take action, reach out to the unhappy patient. Often, a little positive attention will go a long way
• If necessary (and possible), rebut the review
- It may not be necessary; often, other patients will correct the wrong information without any prompting
- Many criticisms do not involve patient confidentiality at all
- If the negative statements implicate patient privacy, see if the review site has required patients to waive their privacy; contact the patient and ask for permission to respond; if not, you can always say “I can’t respond to the specifics of this situation due to patient privacy, but in X situation, my standard protocol is Y”
• Legal enforcement actions should be a last resort
- Streisand Effect
- Lawsuits may not be cost-justified + risk of paying defendant’s attorneys’ fees (anti-SLAPP laws)
- Doctors often lose in court + risk further antagonism by patient (i.e., malpractice complaints)
5) But what about fake reviews?
• Consumers are more savvy to fakes than we might give them credit for
- Many consumers are rightly wary of anonymous reviews
• Contact the review site. Fake reviews are an attack on their credibility
• If a doctor's competitor is gaming via fake reviews, consider contacting the FTC or state AGs. The FTC hates inauthentic online content!
_________
Prior posts on this topic:
* The Dangerous Meme That Won't Go Away: Using Copyright Assignments to Suppress Unwanted Content--Scott v. WorldStarHipHop
* Medical Justice Capitulates by "Retiring" Its Anti-Patient Review Contracts
* Updates on DoctoredReviews.com and Medical Justice
* Dentist Pays Sizable Penalty for Not Knowing 47 USC 230--Wong v. Jing
* Announcing DoctoredReviews.com, a Website Against Doctors' Efforts to Squelch Online Patient Reviews
* "Consumer Reviews of Doctors and Copyright Law" Talk Notes
* CA Anti-SLAPP Cases Involving Consumer Reviews as Matters of Public Concern
* Dentist Review on Yelp Gets Partial Anti-SLAPP Protection--Wong v. Jing
* Yelp Wins 47 USC 230 Dismissal of Dentist's Lawsuit--Reit v. Yelp
* Griping Patient Goes Too Far Posting Fake Content in Doctor's Name--Eppley v. Iacovelli
* Republishing Third Party Ratings in Marketing Material Might Be Copyright/Trademark Infringement--Health Grades v. Robert Wood Johnson Univ. Hospital
* Two 47 USC 230 Defense Losses--StubHub and Alvi Armani Medical
* Lifestyle Lift v. RealSelf Settles
* Lifestyle Lift Tries to Use TM Law to Shut Down User Discussions; Website Countersues for Shilling--Lifestyle Lift v. RealSelf
Posted by Eric at 09:38 AM Permalink | Content Regulation | TrackBack (0) | Printable Version
May 17, 2012
Trademark Trolling by SEO Consultant Provides Cautionary Anti-SOPA Tale (and Other Lessons)--Premier Pool Management v. Lusk
By Eric Goldman
Premier Pool Management Corp. v. Lusk, 2012 WL 1593206 (E.D. Cal. May 4, 2012)
Have I mentioned recently how much I hate SOPA? Today's case is a textbook example of why SOPA--and the things it stood for--were so objectionable to so many people. For SOPA proponents, especially those who falsely (or delusionally) argued that SOPA's tools would only be used by good guys to target bad guys, this case should be mandatory reading.
(This is a default judgment, so the judge relayed the unrebutted facts from the plaintiff's complaint, which I am further relaying here).
Premier Pool Management Corp (PPMC) provides lead generation services for the pool construction industry under the Premier name (the court doesn't use either the terms "lead generation" or "franchising," and I wasn't certain which one best described PPMC). Either way, as a trademark licensor, PPMC provides a variety of services to its licensees, including website management, SEO and other marketing services. PPMC tried to register its trademark but was blocked by a registration held by PPCI, a local Florida pool construction company operating under the Premier mark as well. The trademark registration at issue. In 2011, PPMC and PPCI negotiated a deal allowing PPMC to buy out PPCI's registration for $5k. The relatively low price reflected some doubts about whether PPCI ever made interstate use in commerce of the mark. Then, at the last minute, PPCI bailed out because an undisclosed higher bidder emerged.
Separately, PPMC retained SmartPro, run by the Lusk brothers Dean and Jason, as SEO consultants. I infer PPMC regrets this choice. During SmartPro's research on PPMC's SEO status, Dean discovered PPCI's trademark registration--and became the undisclosed higher bidder! They bought the PPCI registration for $140k with a "business plan" (if you can call it that) of asserting the trademark registration to extract cash from PPMC and 30 other pool construction companies nationwide using the Premier brand. Dean and his "partner" Leonard explained to PPMC how things were going to go:
* PPMC could help get its licensees to pay the Lusks and Leonard exhorbitant royalties to continue using the name "premier"; or
* PPMC could pay an "astronomical sum" to buy the trademark; or
* the Lusks and Leonard would go to the search engines and web hosting companies and shut down PPMC and its licensees.
(Cue the Godfather music and Marlon Brando slurring the words "offer he can't refuse." I half-expected to see references to a severed horse's head.)
PPMC declined this generous offer, and Dean made good on the promise/threat, sending a trademark cutoff notice to PPMC's web host Rackspace, which performed on cue and pulled the plug on PPMC's website. PPMC was able to get up-and-running with another web host, but I assume there was some scrambling and angst (not to mention costs/losses) associated with the transition.
PPMC sued the Lusks, who defaulted. Thus, the judge basically rules for PPMC across-the-board. The most interesting conclusion (again, on default) is that sending a cutoff notice to Rackspace constituted tortious interference with contract, a claim that has been rejected before in other circumstances (see, e.g., the Pandora dispute). The court also cancels the PPCI trademark registration (for lack of interstate commerce use), issues an injunction and awards attorneys' fees and costs.
Where to begin with a case like this? So many things went wrong, it's hard to keep them all straight.
Trademark in Laudatory Terms. At the root of it all is the trademarkability of a laudatory term like "premier." I think we'd be better off if we simply treated [laudatory term] [generic noun] as categorically unprotectable. Otherwise, we get junky trademarks like "Premier Pool Management" with dozens or hundreds of independent users throughout the country. Take a look at the Google search results for "premier pool" and see what a disaster that is. At minimum, I think laudatory trademarks should require secondary meaning, and I wonder how PPCI with its regional and declining customer base showed that. If we took secondary meaning seriously, it's probable that no one could trademark "premier pool management" on a nationwide basis.
Note: if you're looking for a paper topic, a thoughtful analysis of the protection for laudatory trademarks might be fruitful.
SEO Consultants Gone Rogue. This case fuels our fears that SEO consultants are just as likely to be foes as friends. SEO consultants often seem quite sketchy; they keep their cards close to the vest so they don't give any information away for free...plus, customers can't always tell which SEO consultants use black-hat practices. Here, PPMC's story goes far beyond just hooking up with a black-hat SEO consultant. The consultant actively went rogue on its customer--once the SEO consultant got a good look at the customer's business, it could quickly spot the customer's vulnerability and attempt to exploit the vulnerability for its own financial gain. This is the kind of nightmare so many customers fear when hiring SEO consultants!
If you're retaining an SEO consultant, this situation is a great reminder that you need to diligence your SEO consultant THOROUGHLY before retaining them--get referrals, check out any customer reviews, check their own SEOing skills (I couldn't conclusively find the SmartPro website in a quick Google search--not exactly a good sign), and do a background check! You'll be handling over the keys to your business and tons of confidential information to your SEO consultant, so double-confirm they deserve that trust.
Trademark Trolling. As described in the opinion, the Lusks were a classic trademark troll--they bought up weak trademark rights from a third party to build a "licensing"/enforcement business around extracting undeserved value from legitimate existing businesses using the term. The Lusks' trolling business is now kaput because the court canceled the trademark, but before the judicial intervention, the Lusks could cause plenty of mischief. Sadly, I doubt other trademark troll entrepreneurs will find anything in this case to deter them; a trademark's murky boundaries leave plenty of room for trollers to make mischief.
In general, buying up IP assets for the sole "benefit" of asserting them against others is a sketchy business. Trademark law is supposed to suppress such activity by requiring trademark sellers to transfer the goodwill with the trademark; but because this has become a lightly enforced formality, trademark trolling is possible. Even if judges don't enforce the goodwill transfer requirement, they should make all inferences against trademark speculators who buy-and-assert someone else's trademark. That's not what trademark law was designed to do, and it's easy to see how such over-assertions can wreak havoc on an industry.
Pam Chestek has more to say on the trademark problems underlying this case.
Web Host Pliability. The Lusks flashed a trademark at Rackspace, and Rackspace crumbled. It's hard to blame Rackspace given the de facto notice-and-takedown scheme that's emerged in secondary online trademark law (see, e.g., the Akanoc case), but Rackspace's pliability shows the agency problems inherent in a hoster-hostee relationship. The Lusks buy up a questionable trademark and make highly questionable assertions, but it's not worth it to Rackspace to defend its customers' interests. If anything, this situation shows how easy it is to use trademarks to disrupt legitimate customer-vendor relationships.
More importantly, the fact that Rackspace abandoned its customer in the face of a weak purchased trademark exposes several holes in the entire SOPA scheme. SOPA was built on the premise that legitimate IP owners would target illegitimate businesses. But here, an IP owner--using dubious rights it acquired for the sole purpose of legal showdowns--targeted a legitimate business and got the same results. SOPA's enhanced powers to IP owners, plus the cutoff-first/ask questions-second incentives for intermediaries built into SOPA, would only exacerbate that effect. As this case illustrates, we have plenty of problems to fix with the existing law; codifying and extending the IP owners' powers via SOPA would make the situation that much worse.
Posted by Eric at 09:00 AM Permalink | Derivative Liability , Trademark | TrackBack (0) | Printable Version
May 16, 2012
Groupon Defeats Trademark Challenge--Groupion v. Groupon
By Eric Goldman
Groupion, LLC v. Groupon, Inc., 2012 WL 1655728 (N.D. Cal. May 8, 2012).
Groupion makes CRM software. Groupon is the leading online daily deals provider. A year ago, Groupion sued Groupon for trademark infringement. Last Fall, the judge denied Groupion's preliminary injunction request, signalling that Groupon could win with a summary judgment motion. Groupon followed through with the motion, which the judge granted, easily rejecting all of Groupion's contentions. The judge also rejected Groupion's cancellation request and independently ruled that Groupion wouldn't be entitled to monetary relief even if it won.
The opinion doesn't break a lot of new ground from the preliminary injunction dismissal. The court reinforces the linguistic differences between Groupion and Groupon, The court also rejects the similarity between the companies' offerings, even though Groupon added some tools (Groupon Rewards and Groupon Scheduler) that have some CRM-esque aspects. The court says "Despite the fact that Groupon now provides its business customers some information about the consumers who purchase its products through Groupon, and provides a calendaring program, the Court finds that this small potential overlap of services does not render Groupon's and Groupion's products to be related to the point that consumers would be confused as to their source."
In a footnote, the court says it's irrelevant that Google auto-corrects Groupion into Groupon:
Groupion, again without any citation to supporting evidence, argues that because searches on the Google search engine for “Groupion” produce results from “Groupon,” the companies share similar marketing channels. This argument does not assist Groupion. In addition to Groupion's fatal failure to cite to supporting evidence, the fact that a third party might suggest an alternative search based on the similarity of the spelling of Groupion and Groupon does not show that the two companies use similar means of marketing their products and services.
I defended this point about the irrelevancy of third party associations in my 2005 Deregulating Relevancy article.
It's hard to draw big lessons from a case like this, especially when there was a whiff of trademark trolling in Groupion's efforts. I have a more insightful lesson from trademark trolling coming in an imminent blog post.
Posted by Eric at 08:48 AM Permalink | Trademark | TrackBack (0) | Printable Version
May 15, 2012
Granick on CISPA's Deficiencies (With Some of My Own Comments)
By guest-blogger Jennifer Granick (with comments from Eric)
[Eric's introduction: Some guest visitors to the blog need no introduction, and that surely describes Jennifer Granick (her Wikipedia page). She's cast huge shadows over cyberlaw in her various stints, including being a leading criminal defense attorney for technology crimes, an EFF attorney and director of Stanford's Cyberlaw Clinic. I'm so glad Jennifer was willing to share her unique perspective on CISPA. I have some remarks after hers. Jennifer has also posted a supplemental line-by-line commentary of CISPA.]
The Cyber Intelligence Sharing and Protection Act ("CISPA") is the latest example of a depressingly common situation in Washington DC -- well-meaning legislators unfamiliar with technology try to rush through a statute about a high-profile Internet issue (here, cybersecurity). Proponents of the bill say they want to faciliate information sharing between the federal government and the private sector. What they don't seem to understand is that existing laws already permit most kinds of cybersecurity information sharing. In their eagerness, the supporters of CISPA would undermine our existing system of accountability for sharing of private data and, by doing so, cause a number of unintended consequences that would harm both state and federal efforts to protect consumer privacy.
CISPA's Unintended Consequences: I firmly believe sharing cybersecurity information is a public good, which is why I have made a career of representing security professionals and hacker hobbyists who want to investigate and report on vulnerabilities. But CISPA (1) fails to comprehend the ways in which existing laws allow sharing, but with accountability; (2) runs roughshod over federal and state laws protecting privacy; (3) could inadvertently immunize retaliatory hack-back security techniques; and (4) creates an "inner circle" of private entities willing to share and share alike with the government, but leaves disfavored service providers in the cybersecurity dark.
(1) Current Law Does Not Interfere With Sharing for Security Purposes: The vast majority of what security professionals consider cybersecurity information is not personally identifing or protected from sharing by any law. Attack signatures, vulnerabilities, exploits and other classic computer security data are freely shareable. For the subset of data that may identify a particular individual, existing laws allow sharing. The most relevant laws, the Wiretap Act and the Electronic Communications Privacy Act, allow a provider to collect and share data for protection of the providers' rights or property. It is true that such sharing is subject to minor but long-standing privacy-enhancing conditions* which CISPA would simply dispose of.
[*FN: My line by line analysis of CISPA (link) highlights where in the text safeguards and dangers would be codified. I strongly oppose this legislation, but can envision a much better, streamlined, privacy respecting, bill that accomplishes the purported cybersecurity purpose.]
As for information protected by HIPAA, VPPA or FERPA, one would not ordinarily think such data is subject to CISPA disclosure and use, except that CISPA specifically calls out sensitive health, educational, firearms, library and bookstore records as the kind of information that private entities can be expected to disclose. Otherwise private information, including video rental records, book rentals, newspaper subscriptions, online reading or data protected by state consumer protection laws (like utility usage records) may freely be shared under CISPA, despite existing privacy rules and sharing safeguards.
(2) State Governments Should Oppose CISPA: States, especially California and New York, protect consumers and consumer privacy with statutes regulating the collection, use and disclosure of sensitive information. Such California laws include electronic surveillance statutes, Shine the Light notifications, Smart Meter utility data protection, the Financial Information Privacy Act, the Reader Privacy Act, Security of Personal Information Law and more. While a comprehensive review of state consumer protection rules that could be preempted by CISPA is beyond the scope of this blog post, it isn't hard to see how California, New York and other states might have serious, perhaps fatal, reservations about CISPA as it currently stands.
(3) CISPA Could Categorically Immunize Even Reckless, Privacy Invasive or Damaging Cybersecurity "Active Defense" Techniques. The definition of cybersecurity system is broad enough to include common "active defense" techniques like remote exploit of an attacking system in order to collect data about the attack, or denial of service attacks to take the offending system offline. For more discussion of those kinds of defenses, see this article in The Atlantic. The statute then categorically immunizes good faith use of such cybersecurity systems. So entities that recklessly use active defense or "hack back" technologies to exploit, disable or destroy attacking machines, even when those machines are innocent zombies controlled and misused by the actual attacker, have no incentive to behave responsibly.
(4) The Cybersecurity One Percent: CISPA sets up a heirarchy of network and service providers. At the bottom are those owned and operated by individuals, who get nothing out of the statute. Next are those entites the government doesn't feel like sharing with, for whatever reason--including the retaliatory motivation that the company hasn't been forthcoming with its own cybersecurity (and customer) data. At the top are the golden firms that get preferrential treatment in the form of state-of-the-art security information. The big businesses that support CISPA probably think they are going to be in the room and get the shiny apple. But CISPA instantiates inequities that the computer security community has been managing for over twenty years, problems which inevitably arise from secretive and selective distribution of important security information. See e.g. Schneier, "Full Disclosure of Security Vulnerabilities a 'Damned Good Idea" (Jan 2007); Microsoft Security Response Center: Announcing Coordinated Vulnerability Disclosure (July 22, 2010); National Infrastructure Advisory Counsel, Vulnerability Disclosure Framework (January 13, 2004); Andy Greenberg, Meet The Hackers Who Sell Spies The Tools To Crack Your PC (And Get Paid Six-Figure Fees), Forbes, March 21, 2012. CISPA proponents neither understand nor address the complexities of acheiving the worthy goal of cybersecurity information sharing.
________
Comments from Eric
Many commentators have drawn parallels between CISPA and SOPA, even though they putatively address very different issues (cybersecurity and IP infringement, respectively). I'd like to unpack some of the parallels. The most obvious parallel between the two laws: who thinks up crazy shit like this? As a prize for their creative thinking, the architects of CISPA and SOPA should get a one-way ticket away from Washington DC. Two other parallels between CISPA and SOPA:
1) No use case. I never understood SOPA's use case. Only one target was named: The Pirate Bay. However, the way it was drafted, SOPA wouldn't have applied to The Pirate Bay. So if SOPA was intended to shut down The Pirate Bay but the statutory drafting didn't reach that far, then the statute lacked any clear justification--and especially no payoff that would justify its multitudinous adverse collateral consequences.
Similarly, I'm not clear what problem CISPA is designed to solve. Indeed, some have said CISPA is a solution in search of a problem. If we can't define the problem clearly and succinctly, it's a good sign that either there's no justification for the law, or (more likely) someone is gaming the legislative system for their own benefit.
CISPA and SOPA have another parallel on this front: we don't understand the use case because the proponents never thought they had to justify the statute. In SOPA's case, the copyright owners expected members of Congress to pass the law without serious questions, which almost happened. When the copyright owners have so many financially supported friends in the corridors of power, they don't need to provide specific rationales for their requests; it's simply enough that the copyright owners wanted it, and their patrons are expected to deliver the quid-pro-quo on demand.
CISPA may not been such a blatant case of rent-seeking, but it too was designed to proceed without opposition because it was part of an anti-cyberwar effort. For reasons that remain entirely unclear to me, many DC insiders apparently have convinced themselves that we are waging a surreptitious cyberwar that the bad guys are winning. Perhaps there really is a cyberwar raging behind the scenes, but evidence of a cyberwar sure hasn't leaked outside the DC insider community. This makes me wonder if maybe there's a little too much paranoia running around in DC. Or, maybe there's rent-seeking behind the efforts to hype the cyberwar threat?
Worse, to the extent CISPA is an anti-cyberwar effort, it is poorly designed for that effort. At minimum, its definitions are way too broad to address just cyberwar concerns. One of my biggest objections to CISPA is that it defines cybersecurity issues to include ordinary Internet activities such as competitive scraping and sharing of copyrighted materials. The broad sweep of the bill only reinforces the lack of a clear use case about the problem it's trying to solve.
2) Hack of the Internet's infrastructure. SOPA attacked the Internet's basic infrastructure. Putting aside the poorly conceived domain name cutoff provisions that would have undermined the DNS's stability, SOPA was designed to deputize intermediaries to resolve problems they had little financial incentive to handle carefully. The result would be a massive circumscribing of socially legitimate behavior by intermediaries asked to intervene in problems they didn't care about.
In a different way, CISPA also hacks up the Internet's infrastructure. Over the decades, we have developed a delicate system of checks and balances on the government's ability to monitor its citizens' behavior. CISPA would completely gut that system, giving the government virtually any online information it wanted whenever it wanted it without meaningful restrictions on the government's ability to misuse the information. Thus, CISPA engages in the worst kind of Internet exceptionalism by turning the Internet into an all-you-can-eat smorgasbord buffet of information for ever-curious government officials, while presumably a more robust checks-and-balance system would still be in place offline. Making the Internet worse is not what we as Internet users want!
The resulting public outcry against SOPA and CISPA demonstrates that. The public at large does not want technologically clueless members of Congress messing up the Internet's infrastructure for uncertain/unclear payoffs. We give a lot of deference to Congress to screw things up, but when it comes to wrecking the Internet, THAT'S worth fighting against.
Posted by Eric at 02:07 PM Permalink | Copyright , Derivative Liability , Privacy/Security | TrackBack (0) | Printable Version
A Twitter Exception for Defamation?
[Post by Venkat Balasubramani]
William Charron pubished a short piece for the Berkeley Journal of Entertainment and Sports Law that caught my eye (“Twitter: A “Caveat Emptor” Exception to Libel Law” [pdf]). His central point:
Twitter’s characteristics and limitations should negate any expectation of a “reasonable reader” that Twitter is a repository or stand-alone facts and unassailable “truth.” To the contrary, Twitter is a free-for-all marketplace for stream-of-consciousness thoughts and exclamations, and for unguarded and unedited personal observations, discussion, and entertainment.
Charron highlights the difference between fact and opinion in defamation law generally, and notes that courts have historically looked to context in determining whether something is reasonably understood to be “figurative” or “hyperbolic.” According to Charron, courts have taken this approach when reviewing defamation claims based on statements in chat rooms, message boards, and blogs. As one example, Charron cites to Sandals Resorts International Ltd. v. Google, where the court noted that:
Readers give less credence to allegedly defamatory remarks published on the Internet than to similar remarks made to other similar [and in particular to] posted remarks on message boards in chat rooms [and] blogs.
Charron does account for the possibility that a Twitterer “could find a way in 140 characters . . . to libel someone,” and in these circumstances a “there should be no “automatic immunity from a claim of libel.”
__
It’s a short piece that raises interesting issues.
My read of the situation is that it’s too early to tell whether courts are more apt to view statements online (and on Twitter) as more likely to be opinion than fact. Courtney Love’s lawyers telegraphed that they would rely on a defense along these lines, but the case never went to trial so a court hasn’t squarely addressed the question and addressed some of the surrounding issues. (As reported by Eriq Gardner, the court tentatively dismissed Love's defense: "Judge Rejects Courtney Love's Defamation Theories in Twitter Lawsuit.") For other cases relying on this theory in the context of online posts, in addition to Sandals Resorts, see DiMeo v. Max and Finkel v. Dauber.
One question this raises, is: what perspective does the court use when it evaluates context and makes the determination of whether something is hyperbole or would reasonably be viewed as a statement of fact? A reasonable person who is familiar with and who uses Twitter, or someone who is not familiar with the nuances of Twitter, its shorthand, and culture? I would guess the latter, given that tweets are often publicly disseminated and reported on outside the ecosystem, but if it's the former, litigants may have their work cut out form them in educating judges on the nuances of Twitter.
A big contingent of Twitter uses it to banter and snark, but at the same time, it’s become a go-to source of factual information. While context is undoubtedly important, a tweet should have the capacity to defame in the same way that an email, Facebook post, or an off-hand comment does. I’m not saying that Charron is arguing for the adoption of a default rule of immunity based on opinion, but I can’t see courts going this route anyway. It would be an unwarranted case of "Twitter exceptionalism" to adopt this rule for Twitter but not for other online communications generally.
A few related points.
Defamation by Tweet raises the question of whether linking to something that is defamatory is itself defamation. I’m not aware of a definitive answer to this question, although in the pre-Twitter context, republication of a defamatory statement without sufficient qualification can be defamatory. How about defamation by Retweet? (You know there’s a reason why everyone has that “RTs don’t = endorsements" in their bio!) This is probably getting too far in the weeds, but should it matter whether someone uses the old or the new style Retweet? (It's worth noting that there's a likely Section 230 defense here.)
It’s also worth looking at the online threat cases to see whether courts have treated online threats different from off-line threats. I’ve blogged about a slew of cases involving convictions for online threats, and courts in those cases don’t seem very willing to look at the context of an alleged threat and conclude that a reasonable person familiar with the context would not have viewed the statements as threats. (See, e.g., US v. Jeffries (currently on appeal)); US v. Stock (craigslist threats) and Holcomb v. Virginia; but see US v. Cassidy ("indictment for Twitter harassment is unconstitutional")).
Finally, there's the issue of damages. Jeffrey Hermes has a great post at Citizen Media asking how we "should measure damages for defamation over social media." Pointing to the recent $13.78 million jury verdict based on "an extended campaign of [online] defamation," Jeff notes that the verdict in that case does not allow us to measure what portion was tied to reputational injury and what portion was intended to redress emotional damages. Turning to the reputational injury, he asks some interesting questions about how to evaluate damages when the defendant makes repeated defamatory statements (e.g., is there some loss of credibility to the poster who makes 100 negative posts, as opposed to 10?).
Posted by Venkat at 10:05 AM Permalink | Content Regulation | Printable Version
May 14, 2012
The Dangerous Meme That Won't Go Away: Using Copyright Assignments to Suppress Unwanted Content--Scott v. WorldStarHipHop
By Eric Goldman
Scott v. WorldStarHipHop, Inc., 2012 WL 1592229 (S.D.N.Y. May 3, 2012)
Copyright law wasn't designed as a privacy enhancing doctrine, but sometimes plaintiffs try to repurpose copyright law anyway. This case is an interesting illustration of how copyright law might be used to reverse-engineer a right to forget, using legal tactics not dissimilar to those advocated (and later renounced) by Medical Justice. As such, this case provides an early warning sign of an emerging attack on publicly available truthful information using copyright law chicanery.
In November 2010, Scott's girlfriend and ex-girlfriend got into fisticuffs in a classroom. Scott joined in the melee and hit his ex-girlfriend multiple times. A classmate, Seymour, videotaped the altercation. Seymour then sent the video to the WorldStar website, which posted the video as "Disgraceful: College Fight In NYC Breaks Out Between A Guy, His Girl & Another Girl In Class! (Man Strong Arm's The Student. Hitting Her With Body Shots)." Unfortunately, the opinion is cryptic about whether Seymour posted the video directly or submitted the video to WorldStar for their posting--it would make a difference to the copyright analysis. The video appears to be offline now.
Then, things get really interesting. In December 2010, Seymour assigned the video's copyright to Scott. The opinion doesn't say why. It could be that Scott paid Seymour for this assignment as a cheap way to get legal control over the video; or it could be that Scott coerced Seymour into transferring the copyright to settle a lawsuit threat. Once armed with the copyright, Scott sent 512(c)(3) takedown notices to the websites hosting or linking to the video. See, e.g., this one to Twitter. Scott sent a defective takedown notice to WorldStar, which didn't respond in 12 days, at which point Scott sued. WorldStar brought a 12(b)(6) motion to dismiss. The court rejects the dismissal motion for the copyright claim and grants it for the publicity rights claim.
Copyright. WorldStar argued that Seymour granted it a license to the video before Seymour's copyright transfer to Scott, and thus Scott's acquisition of the video was subject to the then-existing license. The court rejects this argument because WorldStar didn't adequately show it had the required written license (required by 17 USC 205(e) necessary to withstand a subsequent acquisition).
This reinforces the importance of the facts around how WorldStar obtained the video. The opinion doesn't indicate if Seymour clicked through a mandatory non-leaky clickthrough agreement. If WorldStar used a mandatory non-leaky clickthrough agreement, then I'd argue (per UETA/E-Sign) that in fact there was a written license agreement in effect before the Seymour-Scott transaction. However, for WorldStar's argument to work, the license would need to be irrevocable. Otherwise, even if the license survived the acquisition, Scott can simply revoke the license post-acquisition. So while I think most UGC websites will have a "written" license sufficient to withstand the 205(e) attack, I think most UGC websites also don't have strong enough EULA provisions about retaining UGC once posted to avoid this attack. Note that users' rights to remove the videos they uploaded might be located in either the EULA or privacy policy, so both documents would need to be reviewed to reach a conclusion.
WorldStar also argued that Scott sent a defective 512(c)(3) takedown notice, and thus it never got the requisite knowledge of infringement. However, WorldStar didn't argue that it requested Scott resubmit a compliant notice as possibly required by 512(c) (given the nature of the alleged notice defects), and thus WorldStar can't get a 12(b)(6) dismissal on this point.
Publicity Rights. Scott's New York state publicity rights claim fails because Scott didn't allege WorldStar used the video for advertising purposes, and WorldStar's other activities were protected under the state law's newsworthiness exception. While dismissal is the right outcome, relying on the newsworthiness exception is a little disquieting. The newsworthiness exception applies often in content lawsuits (see, e.g., Parisi v. Sinclair and the trademark case BidZirk v. Smith) but not always. See Fraley v. Facebook as an example of how the newsworthiness exception has its limits. A much better grounds for dismissal would be the lack of commerciality in the video; Seymour had no obvious commercial interest in the video, and WorldStar had no more commercial interest in the video's "editorial content" than an ad-supported newspaper has a commercial interest in its editorial content.
Implications. This lawsuit provides a protocol for folks trying to suppress truthful negative information--acquire the copyrights to the content containing the unwanted information, and then use the newly created threat of copyright infringement to force that information off the Internet. While this is a disconcerting protocol, it probably won't work in all circumstances. For example, the protocol probably works better for visual/aural content than purely textual content because (a) people need to see/hear some things with their own eyes/ears, and (b) it's much easier for others to extract and repeat textual information without running afoul of copyrights. Nevertheless, the post-publication acquisition protocol works even better than Medical Justice's now-retired pre-publication acquisition approach because it doesn't rely on legally dubious pre-assignments of not-yet-extant works, plus it can be activated only in response to specific problematic content. Thus, we need to vigilantly monitor the ecosystem for potential abuses of this protocol.
UGC sites (and especially review sites) could undercut the protocol by restricting users' ability to take down content in response to legal duress. Ripoff Report famously provides its authors with no power to delete their reviews, an aggressive and sometimes questionable move that does avoid the problems identified here. If a blanket restriction on users' editing/deleting of their own content is too strong, UGC sites could limit this attack by restricting editing/deleting if the author assigns/transfers the copyright in the work, i.e., a kind of springing conditional irrevocability to the user's license to the UGC site if the user transfers the copyright. I doubt many UGC sites will undertake such an effort now, but if we see widespread misuse of the protocol, UGC sites should undertake more drastic measures to preserve their sites' integrity.
For more on the social values that this protocol threatens, see my essay on the Regulation of Reputational Information.
Posted by Eric at 09:15 AM Permalink | Content Regulation , Copyright , Derivative Liability , Licensing/Contracts , Publicity/Privacy Rights | TrackBack (0) | Printable Version
May 12, 2012
New York Judge *Slams* Bittorrent Copyright Plaintiffs – K-Beech; Malibu Media; and Patrick Collins v. Does
[Post by Venkat Balasubramani]
K-Beech, Inc. v. Does 1-37, CV 11-3995 (E.D.N.Y.)
Malibu Media, LLC v. Does 1-26, CV 11-1147 (E.D.N.Y.)
Malibu Media, LLC v. Does 1-11, CV 11-1150 (E.D.N.Y.)
Patrick Collins, Inc. v. Does 1-9, CV 11-1154 (E.D.N.Y.)
Order & Report & Recommendation (May 1, 2012)
A trio of bit torrent plaintiffs were smacked around (somewhat brutally) by a federal judge in New York last week. The order addressed requests for early discovery filed by plaintiffs in three separate copyright lawsuits involving approximately 50 Doe defendants. It also addressed the requests of Doe defendants to quash subpoenas which were issued in a fourth action after the plaintiff obtained leave to issue early discovery.
The order is scathing and takes more than a few shots at K-Beech’s “rambling motion papers [that] often lapse into the farcicial.”
End result: the court dismisses one case in its entirety, and cuts the remaining three cases down to one Doe defendant, finding that joinder is improper.
Here is a summary of the key points in the court’s order:
1. An IP address does not conclusively identify an infringer: the court says that unlike in a university setting or in earlier times, these days, given the proliferation of wi-fi, the fact that someone’s IP address was connected to allegedly infringing activity does not mean that the person whose IP address was used is the infringer. (“[A] single IP address usually supports multiple computer devices – which unlike traditional phones can be operated simultaneously by different individuals.”) Accord Johnson v. Microsoft Corp., 2009 WL 1794400 (W.D. Wash. June 23, 2009); in contrast, the FTC considers IP addresses to be personally identifiable information. (For what it's worth, more than a few courts have accepted the view--at least at the early stages of litigation--that an IP address identifies the putative infringer.)
2. Improper litigation tactics: at least one of the plaintiffs (K-Beech) engaged in improper litigation tactics. One of the Doe defendants contacted K-Beech to try to resolve the dispute. Apparently, K-Beech employed the usual threat that a defendant’s name could be tied to a porn lawsuit and persuaded the plaintiff to provide (under the auspices of settlement) “unfettered access to [Doe’s] computer . . . employment records [etc.]” K-Beech then failed to respond to the Doe defendant's communications regarding settlement. In response to Doe’s allegations, K-Beech’s counsel failed to present proof that it or its investigators didn't engage in this conduct. The court notes that Doe’s experience mirrors the experience of at least one other Doe defendant in a file-sharing case in New York. The court is not happy:
[t]his course of conduct indicates that the plaintiffs have used the offices of the Court as an inexpensive means to gain the Doe defendants’ personal information and coerce payment from them.
3. No copyright registration: the same plaintiff who engaged in the tactics referred to above did not have an actual copyright registration—it sought to rely on an application for registration (which is not sufficient in the Second Circuit). Although K-Beech was smacked down for this reason in another case in New York, it tried to remedy this by adding “conclusory trademark claims.” [??] When K-Beech's briefing veered into discussing reputational harm from unauthorized downloads, the court in a footnote points out that the owner of K-Beech doesn’t necessary have the most stellar reputation:
it is worth noting that the owner of K-Beech Inc. (and apparent inspiration for the K-Beech mark) is Kevin Beechum . . . . It appears that this is the same Kevin Beechum who testified in federal prosecutions about his experience vandalizing adult retail video stores to help extort protection payments from their owners.
D’oh!
4. Joinder is inappropriate: the court says that plaintiffs should not be able to sue multiple defendants in the same suit. Plaintiffs tried to rely on the “swarm” theory--which has been accepted by some courts and rejected by others--under which file-sharing defendants who were a part of the same interactions can be sued together in the same lawsuit. Here, the court notes that plaintiffs’ own allegations undermine their swarm theory. For example, the downloads were often weeks or months apart:
even assuming that the John Does are the actual infringers, the assertion that defendants were acting in concert rests upon a thin reed.
The court declines to exercise its discretion to join the Doe defendants together.
5. Plaintiffs trying to avoid separate filing fees: the court notes that plaintiffs have avoided more than $25,000 in filing fees by filing mass-defendant lawsuits, as opposed to suing the Doe defendants individually. When you take other cases in the same district into account, this amount is closer to $100,000. (The court notes that this approaches millions when the suits nationwide are considered.)
6. Don’t try to take the moral high-ground, porn plaintiffs:
In its papers, counsel for K-Beech equate its difficulties with alleged piracy of its adult films with those faced by the producers of the Harry Potter books, Beatles songs and Microsoft software, and compare its efforts to collect from alleged infringers of its rights to the efforts of the FBI to combat child pornography. In an ironic turn, the purveyors of such works as “Gang Bang Virgins,” explain how its efforts in this matter will help empower parents to prevent minors from watching “movies that are not age appropriate.” . . . It is difficult to accord plaintiff, which features “Teen” pornography on its website, the moral high-ground in this regard.
__
Ouch. As mentioned above, the court dismisses K-Beech’s lawsuit sua sponte in its entirety. The dismissal is without prejudice, but K-Beech should think twice about filing another file-sharing lawsuit in New York. The other defendants can pursue cases against defendants on an individual basis (they must file separately), and the Does (other than unlucky Doe No. 1) are dismissed from the three lawsuits. The court appears open to appointing counsel from its pro bono panel for Doe No. 1 (and I’m guessing future Doe plaintiffs).
There are a slew of these lawsuits pending around the country so it’s tough to say anything definitive, but courts certainly seem to be reaching the boiling point with bittorrent plaintiffs (the abusive litigation tactics don’t help). Check out the TorrentLawyer blog for a few recent examples:
- Malibu Media, LLC cases go down in FLAMES in Virginia
- THIRD DEGREE FILMS, INC. attorney perhaps facing a THIRD DEGREE FELONY
Also, as a follow up to the case in New York, Twitter user "fightcopyrighttrolls" reports on what seems to be an inexplicable strategic decision by lawyers for one of the plaintiffs in this case.
[A note to lawyers: judges compare notes, directly or indirectly.]
Other coverage:
Ars Technica: Furious judge decries "blizzard" of copyright troll lawsuits
Torrent-Freak: Judge: An IP-Address Doesn’t Identify a Person (or BitTorrent Pirate)
Previous posts:
Court Nukes Another Mass Defendant File-Sharing Lawsuit -- Digiprotect v. Does
Copyright Doe Defendant Can’t Quash Disclosure Subpoena Anonymously—Hard Drive Productions v. Does
Posted by Venkat at 09:48 AM Permalink | Copyright , Privacy/Security | Printable Version
May 10, 2012
An Unmasking Effort Gets Gutted Some More – Art of Living Foundation v. Does
[Post by Venkat Balasubramani]
Art of Living Foundation v. Does, 10-cv-05022-LHK (N.D. Cal.; May 1, 2012)
I posted earlier about the Art of Living Foundation’s (AOLF) efforts to unmask online critics (posting psueudonymously as ‘Skywalker’ and ‘Klim’). In early rulings, the court rebuffed AOLF’s efforts. AOLF originally brought defamation and trade secrets claims. The court held that any allegedly defamatory statements were protected opinion, and that AOLF failed to identify trade secrets with particularity. The court also stayed discovery of defendants’ identities, finding that the balance of equities favored the preservation of anonymity. (Here's my prior blog post on the case: "Spiritual Group's Attempt to Unmask Online Critics Goes South.")
AOLF filed an amended complaint, dropping the defamation claims but adding claims for copyright infringement. The amendment also specified the allegedly misappropriated trade secrets. With respect to the copyright claim, AOLF alleged that republication of certain “lesson plans” by the Doe defendants constituted copyright infringement and misappropriation of trade secrets.
In a further development in this lawsuit, the court granted the Does’ request to dismiss the copyright claims. The trade secrets claims largely survive, although the court notes that they aren’t the strongest.
Copyright claims: AOLF did not present any evidence that one of the two defendants was involved in any way in republishing the lesson plans, or related notes, so this defendant (Klim) is awarded summary judgment. Skywalker, the second Doe defendant, admitted to posting the text of the lesson plans on his blog. Although he wasn’t entitled to summary judgment on the same basis as Klim, he challenged AOLF’s ownership of the copyrights at issue.
The court finds that the registration certificate presented by AOLF was not prima facie evidence of ownership (because the registration was obtained more than five years after publication). The court goes on to find that the AOLF entity that brought the copyright claim was not the owner of the copyrighted material. There’s an Indian AOLF entity, and one of the declarations let slip that the lesson plans at issue were created “for the benefit of the Art of Living Foundation in India with the understanding that the Art of Living Foundation in India would own [all of the rights to the lesson plan].”
AOLF (US) also tried to argue that the Indian entity assigned the US entity the copyright, but AOLF (US) failed to produce any written record or an assignment, or even that such a writing existed. Even a confirming email would have been plenty, but for whatever reason AOLF (US) was unable to muster evidence on this point.
Trade secrets claims: Defendants continue to batter away at AOLF’s trade secrets, but the court finds that AOLF made the minimal necessary showing that its teaching methods: (1) have independent economic value and are not generally available; and (2) are the subject of reasonable confidentiality restrictions. In particular, AOLF came forward with evidence that although the teaching methods were drawn on “conventional concepts and terminology of Hindu mysticism,” AOLF “incorporate[d] many additional and novel elements.” With respect to confidentiality, AOLF alleged that it required its teachers to sign confidentiality agreements. Although the court expresses some skepticism about the overall merits of AOLF’s trade secrets claims, those claims are sufficient to move forward at this time. However, the court does include language in its order inviting defendants to move for summary judgment on the issue of whether AOLF’s information is truly a trade secret, or indistinguishable from general knowledge of the public or those skilled in the relevant field. The court also raps AOLF on the knuckles for trying to take a third bite at the designation of trade secrets apple. AOLF already submitted an amended designation of trade secrets and sought to amend this designation again. The court says that although it will allow the amendment, this is the last time (“the court puts [AOLF] on notice that this is its final opportunity to amend its trade secret designation with particularity”).
Finally, the court grants the motion to strike as to Klim, finding that AOLF put forth no evidence that Klim was involved in any way in the alleged dissemination of AOLF trade secrets.
SLAPP fees: Finally, the court grants defendants' request for fees as to the defamation/trade libel claim. Although AOLF amended its complaint and dropped the defamation and trade libel claims, there was no evidence that AOLF achieved its goals with respect to these claims through other means. AOLF’s amendment of its complaint to exclude the defamation and trade libel claims was “tantamount to a voluntary dismissal.” (Defendants brought a motion to dismiss and a motion to strike and the court earlier granted the motion to dismiss but declined to reach the merits of the motion to strike.) End result: defendants can seek fees for dismissal of the defamation and trade libel claims.
_____
This is another example of how things can go wrong when someone tries to squelch speech online. Granted, in countless other cases, these types of claims would have resulted in default judgments without anyone batting an eye, but the Does were represented by counsel (and both Public Citizen and EFF appeared as amici). As a result, the balance of power changed significantly. (It also helps to have a thoughtful judge—in this case Judge Koh—who takes a close look at the issues and seems mindful of the speech implications of the judge's rulings.)
It’s interesting that AOLF’s efforts to unmask the Does were premised in part on AOLF’s copyright claims. These turned out to be insufficient at the end of the day. Courts routinely grant requests to unmask Doe defendants when copyright claims are involved, but this ruling is a reminder that judges should take a close look at those requests, even when the other side may not be represented by counsel. For another example, see Maximized Living v. Google.
Finally, the court’s order makes a reference to how many times the webpages containing the alleged trade secrets were viewed: 147 and 351 in July and August 2010, respectively (before the pages were removed in response to a takedown request sent to WordPress). Given the cloud around AOLF’s copyrights and the multiple entities involved (the takedown request was sent from Vyakti Vikas Kendra India), one wonders about the propriety of the takedown requests. But setting this aside, these statistics raise the question of whether AOLF’s significant expenditure of fees to squelch criticism of it was even remotely worth it. (I would be shocked if their answer today was “yes”.) Compare Pitale v. Holstine.
Given the court’s ruling on the fees issue, and its hints around the strength of AOLF’s trade secrets claims, this case should quickly head towards a settlement. The big question is whether everyone will just go their separate ways, or if AOLF will be writing a check to the Does (or their counsel).
Posted by Venkat at 01:37 PM Permalink | Content Regulation , Copyright , Privacy/Security , Trade Secrets | Printable Version