February 04, 2010

Family Members Have Common Law, Federal Privacy Rights in Death Images

Marc Randazza's 2009 post about privacy, class warfare, reputation pimps, mindless mass media and hypocrisy, The Catsouras Photos, Privacy, and Privilege, is one of the most passionate pieces of law blogging I've come across online. I feel the same way about California Court of Appeals Justice Eileen Moore's opinion in Catsouras v. Dept. of the California Highway Patrol, No. G039916 (Calif. Ct. App. Jan. 29, 2010), a decision in which the justice, who was clearly upset over the grim facts and inexcusable behavior that permeated this case, picked privacy over the public's right to know, issuing three novel privacy rulings along the way.

Living Family Members Have Common Law Rights in Death Images. Catsouras held that family members of a young woman who was decapitated in an auto accident had a common law privacy right that was violated when police officers e-mailed to friends photographs they had taken of the dead girl. Naturally, the photos quickly found their way to the broader internet and were posted on more than 2,500 websites.

The common law right identified by Catsouras sprung from an unusual source -- a the "unwarranted invasion of personal privacy" exemption in the federal Freedom of Information Act, 5 U.S.C. 552(b)(7)(C). In National Archives and Records v. Favish, 541 U.S. 157 (2004), the U.S. Supreme Court held that the public release of death images constituted an unwarranted invasion of the privacy rights of living family relatives. In National Archives, the high court recognized a common law right of family members' privacy in death images, concluding that the FOIA privacy exemption should be at least as protective.

The court quickly passed over the objection that photos of the decedent were public rather than private: "Here, the picture painted by the second amended complaint is one of pure morbidity and sensationalism without legitimate public interest or law enforcement purpose."

Living Family Members Have Constitutional Privacy Rights in Death Images. The Catsouras court also held -- at least I think it did, the ruling is a little unclear on this point -- that the plaintiffs have a federal constitutional right to privacy in the images of the deceased. The right was recognized, the court said, in National Archives and in Melton v. Hamilton County Board of Commissioners, 267 F. Supp.2d 859 (S.D. Ohio 2003), a case in which the court held that the commercial use of photographs of a dead body "may be actionable" under federal civil rights laws. Catsouras ultimately ruled that, because the privacy rights it found existed here were not "clearly established" at the time of the defendants' actions, the defendants were entitled to immunity on the plaintiffs's constitutional privacy claim.

Law Enforcement Officers Owed Family Members Tort Duty to Not Put Death Images on Internet. Taking up the plaintiffs's claim for negligent infliction of emotional distress, the court held that law enforcement officials "owed a duty of case to plaintiffs not to place decedent's death images on the Internet for the lurid titillation of persons unrelated to official [highway patrol] business."

The Catsouras case was remanded to the trial court, where a jury or a negotiated settlement will put a price tag on what happened here. The California Highway Patrol has no insurance for these liabilities, according to their attorneys, so the taxpayers will bear the cost of the patrolmen's misconduct. And now that these common law and federal rights have been identified (or "discovered" or "invented," depending on your point of view) by Catsouras, will be incumbent on police departments across the country to take a hard look at their own procedures for handling crime scene photography.

Posted by Thomas O'Toole on February 04, 2010 in Privacy | | Comments (0)

February 03, 2010

Court Finds Constitutional Significance in Defendant's Failure to Password-Protect Home Wireless Network

Taking a few moments to secure a residential wireless network with a password is a good idea, a fact recently noted by the Federal Trade Commission. An open network is an invitation for piggy-backers and data thieves.

Who knew that password-protecting a wireless router also had constitutional significance? According to a recent court decision from Oregon, the failure to password-protect a wireless network can diminish the extent to which the Fourth Amendment protects computers and information on that network from government searches.

In United States v. Ahrndt, No. 08-cr-468 (D. Ore. Jan. 28, 2010), a federal trial court held that a child pornography suspect had no constitutionally protected privacy right in the files found on his personal computer, stored in a shared iTunes folder fed by a Limewire account, accessible by a neighbor who was piggybacking on his unsecured wireless network.

Limewire account. iTunes software configured for sharing. Unsecured wireless network.

Together these facts convinced the court that the Fourth Amendment was not violated when a local sheriff, acting without a warrant, used the defendant's unsecured wireless network to search the defendant's computer for child pornography. The court saw the situation like this:

When a person shares files on Limewire, it is like leaving one's documents in a box marked "free" on a busy city street. When a person shares files on iTunes over an unsecured wireless network, it is like leaving one's documents in a box marked "take a look" at the end of a cul-de-sac."

The court further remarked that, "as a result of the ease and frequency with which people use each others' wireless networks, I conclude that society recognizes a lower expectation of privacy in information broadcast via an unsecured wireless network router than in information transmitted through a hardwired network or password-protected network."

I'm doubtful that the court has plowed new constitutional ground here, or that its ruling is going to surprise Fourth Amendment experts, although the court's opinion does appear to be the first to discuss the interplay between the Fourth Amendment and wireless security measures.

We already have a pretty well-developed law of passwords. The fact that has person has placed a password on a computer has been found constitutionally significant (but not dispositive) in several cases, including United States v. Heckenkamp, No. 05-10322 (9th Cir. April 5, 2007), and United States v. Long, No. 05-5002 (U.S. Ct. Mil.app. Sept. 27, 2006). Sharing passwords was found relevant -- and unwise -- in United States v. D'Andrea, No. 06-10082 (D. Mass. July 20, 2007), and the lack of a password  on a cell phone in Casella v. Borders, No. 09-19 (W.D. Va. Sept. 2, 2009), was cited as one reason for finding no Fourth Amendment protection for photos stored on the phone. Further, the Fourth Amendment doesn't protect people who are careless about computer security. In United States v. King, No. 07-11808 (11th Cir. Dec. 14, 2007), the court held that the defendant did not have a reasonable expectation of privacy in a password-protected laptop computer that he unwisely connected to a military network.

Finally, there is the case of United States v. Ganoe, No. 07-50195 (9th Cir. Aug. 15, 2008), in which the court held that a defendant lacked a reasonable expectation of privacy in computer files he exposed to the internet via his Limewire account. The court was not sympathetic to Ganoe's claim that his sharing was accidental rather than intentional.

[H]e was explicitly warned before completing the installation that the folder into which files are downloaded would be shared with other users in the peer-to-peer network. Ganoe thus opened up his download folder to the world, including Agent Rochford. To argue that Ganoe lacked the technical savvy or good sense to configure LimeWire to prevent access to his pornography files is like saying that he did not know enough to close his drapes. Having failed to demonstrate an expectation of privacy that society is prepared to accept as reasonable, Ganoe cannot invoke the protections of the Fourth Amendment.

The court's ruling in Ahrndt doesn't mean that police are free to conduct drive-by searches of unsecured wireless networks. Other factors were at work in this case, such as the defendant's use of Limewire and his decision to "share" the contents of the iTunes folder containing the Limewire-fed materials. The Ahrndt court made a big deal of the fact that the defendant had taken the trouble to change the settings on his iTunes folders, which by default are set to not share contents. (Ironically, the court did not ascribe any significance to the fact that the out-of-the box setting for wireless routers is wide open to the public.)

The Ahrndt ruling does suggest, however, that in this area the law helps those who help themselves. The Fourth Amendment is very unforgiving when it comes to lax data security measures.

Posted by Thomas O'Toole on February 03, 2010 in Electronic Surveillance, Information Security, Privacy | | Comments (0)

February 02, 2010

Federal Court Officials Issue Guidance on Jury Use of Blackberries, iPhones, Twitter, LinkedIn Etc.

According to the Administrative Office of the U.S. Courts, a committee on court administration matters has sent around to all federal trial courts proposed jury instructions that specifically address the influence of mobile communications devices and electronic social media on jury deliberations.

The rise of the "connected juror" has bedeviled the judicial system, introducing a host of new opportunities for juror consideration of irrelevant and inadmissible evidence, as well as new opportunities for improper communications with deliberating jurors, as this recent article from the Baltimore sun notes.

The proposed jury instructions state the general rule ("You must not conduct any independent research about this case ....") and then, for the jurors who require additional guidance, move on to the new media specifics (" In other words, you should not consult dictionaries or reference materials, search the internet, websites, blogs, or use any other electronic tools to obtain information about this case or to help you decide the caseare an attempt to fill in what is apparently a deficiency in jurors' understanding of the general rule that evidence obtained outside of the courtroom may not be considered.")

The proposed rules also mention by name Blackberries, iPhones, text messaging, Twitter, Facebook, My Space, LinkedIn, and YouTube. Prohibiting all of them, if used to learn about, or communicate about the case.

Posted by Thomas O'Toole on February 02, 2010 in Attorneys, User-Generated Content | | Comments (0)

February 01, 2010

Does "No Contract" Really Mean No Contract?

Nocontract

Of course not. There is always a contract with cell phone service. Everybody knows that.

Except the plaintiff in Williams v. MetroPCS Wireless Inc., No. 09-22890 (S.D. Fla. Jan. 5, 2010), who is pressing a two-pronged attack on the arbitration clause in her alleged contract with MetroPCS, a cell phone service provider. First, the plaintiff claims that MetroPCS never informed her of the existence of a contract (it was on the MetroPCS website). Second, she claims that MetroPCS marketing materials indicated to her that there were "no contracts" and "never any contracts required" to obtain MetroPCS service.

The trial court, which appeared sympathetic to the plaintiff's arguments, summarized the plaintiff's contentions like this:

[S]he remembers an advertisement featuring a Unicorn and a mermaid stating no contract was required, several other commercials along the same lines or theme with the "no contract" language, and a commercial featuring a contract being passed through an animated paper shredder and moments later a drawing of a contract with a circle and diagonal line or slash through it. To her the contract with a circle and slash through it indicated there was no contract, not that there was a contract with a hidden arbitration clause she never saw or understood. To her, the phrase "no contract" means no contract.

MetroPCS argued that the phrase "no contract" is a standard industry term for "prepaid service plans with no long-term commitment and no termination fee."

MetroPCS advanced a lawyerly, connect-the-dots argument for a valid contract. The plaintiff was (allegedly) given a Welcome Guide when she signed up for service. The Welcome Guide directed the plaintiff to the MetroPCS website for additional information about her cell phone service. The website contained a "Terms of Service" hyperlink at the bottom of the page. The Terms of Service contained a hyperlink to a "Start of Service Request" form, which read: "BY USING METROPCS'S WIRELESS SYSTEM OR ANY OTHER SERVICE, YOU ARE INDICATING YOUR INTENT TO BE BOUND BY THE TERMS AND CONDITIONS OF SERVICE OF THIS AGREEMENT. IF YOU ARE A NEW CUSTOMER AND YOU DO NOT AGREE TO THIS AGREEMENT, DO NOT INITIATE SERVICE."

So, according to MetroPCS, the plaintiff was made aware of the existence of a contract when she received the Welcome Guide, and she agreed to the contract by using the MetroPCS service.

Except that the plaintiff claimed that she never received the Welcome Guide and she never visited the MetroPCS website and the Terms of Service were never again brought to her attention because she elected to receive monthly billing statements via text messages (which did not mention the Terms of Service). She claimed that she purchased her cell phone and MetroPCs cellphone service at a MetroPCS store, and that she left the store without receiving or signing any paperwork.

Setting aside the issue of MetroPCS's "no contract" marketing, there are quite a few court decisions upholding contracts in similar situations. But all of them turned on the fact that the plaintiff received, at some point, notification of the existence of a contract. Cases like Fonte v. AT&T Wireless Services Inc., 903 So.2d 1019 (Fla. Dist. Ct. App. 2005)(terms contained in the welcome guide), Briceno v. Spring Spectrum L.P., 911 S.2d 176 (Fla. Dist. Ct. App. 2005)(terms contained in cell phone packaging), the "venerable" Hill v. Gateway 2000, 105 F.3d 1147 (7th Cir. 1997)(terms contained in the shipping box). Unlike this case, the defendants in Fonte, Briceno, and Hill all presented evidence that the plaintiff was given a copy of the contract or was directed to its online location, the court noted.

The court said that the plaintiff's situation was more like General Impact Glass & Windows Corp. v. Rollac Shutter of Texas Inc., 8 So.3d 1165 (Fla. Dist. Ct. App. 2009), a case in which the appellate court ruled that an online arbitration clause was not a part of the parties' contract because none of the several paper-based documents signed by the parties made reference to it.

Here, the court didn't conclusively rule on the enforceability of the arbitration clause in the alleged contract between the plaintiff and MetroPCS. Instead, the court ruled that the plaintiff had presented enough evidence to put the question to a jury of her peers. I wonder how that will turn out. Over at the MetroPCS website, they aren't using the "no contract required" promotion anymore.

Posted by Thomas O'Toole on February 01, 2010 in Contracts | | Comments (0)

January 29, 2010

Boring Case Gets Mildly Interesting

Yikes. The U.S. Court of Appeals for the Third Circuit today affirmed most but not all of a lower court judgment dismissing a Pennsylvania couple's privacy-related lawsuit against Google's "Street View" product.

In Boring v. Google Inc., No. 09-2350 (3d Cir. Jan. 28, 2010), the Third Circuit ruled that the plaintiffs were at least entitled to a trial on their claim that they suffered damages as a result of Google's alleged trespass upon their property during its Street View imaging process. According to the court: "While the district court's skepticism about the claim may be understandable, its decision to dismiss it under Rule 12(b)(6) was erroneous."

The Third Circuit remarked that, if the plaintiffs prove Google trespassed upon their property they are entitled to at least $1.00 (nominal damages) or whatever larger damage amount they can prove they suffered.

The court dismissed common law claims for invasion of privacy, intrusion upon seclusion, and publicity given to private life.

Eric Goldman has a thorough and enlightening discussion of this decision on his blog, which I commend to anyone who stumbles across this post.

Posted by Thomas O'Toole on January 29, 2010 in Privacy | | Comments (0)

January 19, 2010

Utah Legislator Introduces State Anti-Cybersquatting Proposal

The state of Utah will soon be considering an interesting anti-cybersquatting proposal as part of a comprehensive bill to update the state's laws on phishing, pharming, spyware, and other online ills.

The Utah E-Commerce Integrity Act (S.B. 26), introduced late last year by State Sen Stephen Urquhart, would create a state-law version of the federal Anticybersquatting Consumer Protection Act, albeit with a few modifications:

  • S.B. 26 would allow trademark owners to bring in rem suits for cancellation or transfer of an infringing domain name in the state district court where the mark owner resides;
  • S.B. 26 would extend anti-cybersquatting protections to personal names; and
  • S.B. 26 would (unlike the ACPA) provide no protection for bad faith lawsuits by trademark owners against lawfully registered domains.

For businesses located in Utah, the cost of nudging a problem registrant off a domain name will go way down if S.B. 26 becomes law. (Why do I say this? As best I can tell, the filing fee for an in rem action in a Utah state court is $155. The filing fee for a WIPO-adjudicated UDRP action is $1,500 for a single panelist. And any licensed attorney can represent a respondent in a UDRP action. In Utah, however, representation would have to be supplied by a Utah-licensed attorney or an out-of-state attorney appearing pro hac vice. Finally, it is not necessary to travel to Geneva to defend a UDRP action before WIPO.)

If Sen. Urquhart's name rings a bell, that's because he was the sponsor of Utah's 2004 anti-adware legislation, a law found to be an unconstitutional burden on interstate commerce in WhenU.com Inc. v. State of Utah, No. 040907578 (Utah Dist. Ct. July 8, 2004).

Sen. Urquhart is coming to Washington, D.C., Jan. 29 to speak about S.B. 26 and online brand protection issues at an event to be held at Alston & Bird's F Street offices. Promotional materials for the event indicated the hope that S.B. 26 "may act as a harbinger of federal action later this year."

The Utah anti-cybersquatting measure drew a statement in support from the Coalition Against Domain Name Abuse, a group whose membership has been very active litigating domain name suits against cybersquatters.

Posted by Thomas O'Toole on January 19, 2010 in Domain Names, Trademarks | | Comments (1)

December 08, 2009

District Court Gives California Anti-Spam Law Some Breathing Room

It turns out that on the same day that the Ninth Circuit rejected ISP Asis Internet's contention that the mere carriage of spam and the cost of deploying spam filters supported a claim under the federal CAN-SPAM Act, a federal district court in California boosted the company's state-law claim against another alleged spammer by ruling that claims under California's anti-spam statute are not preempted by CAN-SPAM.

Lower federal courts in California have produced a handful of opinions discussing whether, in order to avoid CAN-SPAM preemption, a state-law claim must present all of the elements of common law fraud. Allegations regarding traditional fraud elements of damage and detrimental reliance were missing from Asis Internet's complaint (it claimed to have received a few thousand e-mails with misleading subject lines, in violation of the state anti-spam law, Cal. Business and Professions Code Section 17529.5). But the court ruled that these elements were not needed to avoid preemption:

This Court agrees with those courts that have read the terms "falsity or deception" broadly, thereby saving more than just common law fraud claims and narrowing the preemptive effects of the CAN-SPAM Act. In particular, this Court agrees that Congress's use of the word "fraud" elsewhere in the section, and the CAN-SPAM Act's references to the word "deception" as used in the FTC Act, invite this broader reading. ... Plaintiffs therefore do not need to plead reliance and damages in order to avoid preemption of their claims.

The case is Asis Internet Services v. Subscriberbase Inc., No. 09-3503 (N.D. Cal. Dec. 4, 2009). For a case holding that all elements of traditional fraud must be shown in order to avoid CAN-SPAM preemption, see Hoang v. Reunion.com Inc., No. 08-3518 (N.D. Cal. Oct. 6, 2008). The Ninth Circuit is going to have to sort this out. The issue is presented (sort of) in Kleffman v. Vonage Holding Corp., 9th Cir., No. 07-56171, a case involving truthful-but-tricky header information, but there is no guarantee that Kleffman will produce an opinion addressing the precise issue dividing the Asis Internet v. Subscriberbase and Hoang v. Reunion.com courts.

Violations of California's anti-spam law can be expensive. Asis Internet claims it is entitled to $2.4 million in statutory damages from Subscriberbase.

Posted by Thomas O'Toole on December 08, 2009 in Federal Preemption, Marketing, Privacy | | Comments (0)

December 04, 2009

ECPA Protections Don't Apply Outside United States

A federal district court in Northern California ruled earlier this week that the Electronic Communications Privacy Act, the statute protecting stored e-mail communications, does not protect electronic communications outside the United States. The case is Zheng v. Yahoo! Inc., No. C-08-1068 (N. D. Cal., Dec. 2, 2009), in which the plaintiffs alleged that Yahoo!'s Chinese subsidiary unlawfully disclosed the plaintiffs' identities and electronic communications to officials of the Peoples Republic of China -- resulting in torture, imprisonment, and serious other emotional and economic damage.

The ruling appears to be one of first impression, although it the outcome is not surprising, given prior judicial pronouncements (United States v. Peterson, 812 F.2d 468 (9th Cir. 1987), and United States v. Toscanino, 500 F.2d 267 (2d Cir. 1974)), that the Wiretap Act does not apply extraterritorially. When a statute is silent on the subject of extraterritorial application, courts will imply that no extraterritorial effect was intended by Congress. In this case, neither the text of the ECPA nor the available legislative history supported the view that Congress intended the ECPA to apply to activities outside the United States. In fact, the court found language in a Senate report accompanying the ECPA specifically indicating that the law was not intended to apply extraterritorially.

Along the way, the court rejected public policy arguments in support of the plaintiffs' claims for ECPA protection. It rejected as well the contention that the ECPA applied because the electronic communications disclosed by Yahoo! China "may" have traveled through Yahoo!'s domestic network. Prior cases under the Wiretap Act, Stowe v. Devoy, 588 F.2d 336 (2d Cir. 1978), for example, have ruled that cross-border phone calls intercepted in Canada were not subject to the Wiretap Act. The court said here: "Because the alleged interceptions occurred in the PRC, the ECPA does not apply to them, even if the communications, prior to their interception and disclosure, traveled electronically through a network located in the United States."

Another computer-related statute, the Computer Fraud and Abuse Act, was until recently limited to computers located within the United States. Before 2001, courts held that the CFAA did not apply outside the United States. However, Congress explicitly gave the CFAA extraterritorial reach when it passed the USA Patriot Act in the fall of 2001, changing the definition of "protected computer" to include "a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communications of the United States."

Posted by Thomas O'Toole on December 04, 2009 in Electronic Surveillance, Free Speech | | Comments (0)

November 17, 2009

Close Doesn't Count in Cybersquatting

The Anticybersquatting Consumer Protection Act, 15 U.S.C. 1125(d), is the federal law that gives trademark owners a civil claim against persons who act with a "bad faith intent to profit" from registering domain names that are identical or confusingly similar to protected marks. Remedies available to a prevailing trademark owner include an award of statutory damages of up to $100,000 per domain name, plus costs and attorneys' fees in some cases. Losing an ACPA case can ruin your day.

Congress softened the harshness of the ACPA by including a safe harbor for domain registrants who "believed and had reasonable grounds to believe that the use of the domain name was a fair use or otherwise lawful," 15 U.S.C. 1125(d)(1(B)(ii). To date, courts have been very stingy with this defense. In Audi AG v. D'Amato, 469 F.3d 534 (6th Cir. 2006), the Sixth Circuit remarked that the safe harbor defense is available "only in the most unusual cases." In Virtual Works Inc. v. Volkswagen of Am. Inc., 238 F.3d 264 (4th Cir. 2001), the Fourth Circuit held that a domain registrant who acts even partially in bad faith is not entitled to the safe harbor. The intent of these cases is clear: cybersquatters won't be allowed to escape liability merely by professing a pure heart or mustering a decent argument that their use of the plaintiff's mark was fair or lawful.

The Ninth Circuit's decision yesterday in Lahoti v. Vericheck Inc., No. 08-35001 (9th Cir., Nov. 16, 2009), is in the same vein as Audi AG and Virtual Works. In Lahoti, the court said that the domain registrant was not entitled to claim the safe harbor defense because it was "unlikely that he legitimately believed that his use of the Domain Name was wholly lawful in this case."

Wholly lawful. To my ear, "wholly lawful" is much more demanding than the language that Congress wrote, which is "believed and had reasonable grounds to believe that the use of the domain name was a fair use or otherwise lawful." But three federal appellate panels clearly feel otherwise. "Wholly lawful" is a tough standard for anyone to meet, and it proved insurmountable for a garden-variety cybersquatter like Lahoti. The bill of particulars against him:

  • Lahoti registered <vericheck.com>, a domain identical to the plaintiff's "Vericheck" Georgia state service mark.
  • Lahoti published a collection of outbound links (some pointing to the plaintiff's competitors), not a legitimate offering of goods and services, at the <vericheck.com> domain name.
  • Lahoti offered to sell the domain name to the plaintiff for $72,500.
  • Lahoti had been adjudicated a cybersquatter in other judicial proceedings.

In most courts' estimation, the above factors are tell-tale signs of a dark, bad faith, cybersquatter heart. In fact, these factors would form the core of any decent "what not to do" list for domainers.

Now, as it turns out, the lower court made a couple legal errors when it ruled that the VeriCheck mark was a "distinctive" mark (and thereby protectable under the ACPA). The appellate court discussed at length how an arguably generic or descriptive mark might become "distinctive," and it sent the case back to the lower court for reconsideration.

So this was a close case as far as whether or not the plaintiff's mark is distinctive enough to support an ACPA claim. However, in this court's estimation, it wasn't a close case as far as whether Lahoti's behavior met the "wholly lawful" standard: 

As we see the record, there is no genuine appellate issue on Lahoti’s bad faith. He has made his cybersquatter bed and now cannot persuasively challenge the district court’s conclusion that he must lie in it. A different case might be presented if Lahoti had a genuine business marketing service for which the Vericheck name was an aid, but there was no credible evidence of that here, nothing but his self-serving affidavit.

A reasonable person in Lahoti’s position—that is, a reasonable person who had previously been declared a cybersquatter in a judicial proceeding—should have known that his actions might be unlawful. Lahoti has previously advanced, unsuccessfully, the same trademark defenses he argues here, including the claim that the mark at issue was only descriptive and that he is entitled to the safe harbor. Lahoti’s failed defenses in these other cases make it unlikely that he legitimately believed that his use of the Domain Name was wholly lawful in this case.

The message I take from this language is that if you have been adjudicated a cybersquatter in a prior proceeding, or you are in the "domaining" or domain name speculation business, you had better knock down the trademark owner's claim to a protectable interest in the mark because you will never convince a court that your registration of the domain was "wholly lawful." Close doesn't count in cybersquatting.

Posted by Thomas O'Toole on November 17, 2009 in Domain Names, Trademarks | | Comments (1)

November 09, 2009

GoDaddy Not Subject to Trademark Infringement Suit in Illinois

In the case of uBID Inc. v. The GoDaddy Group Inc., No. 09-cv-2123 (N.D. Ill., Nov. 5, 2009), a federal district court in Illinois ruled late last week that the Big Daddy of domain name registrars, Godaddy.com, is not subject to the jurisdiction of Illinois courts and need not defend a trademark infringement suit filed there. This is an interesting ruling, though "interesting" in the area of internet jurisdiction is a relative term to say the least.

The plaintiff's trademark infringement theory is a novel one, and the case is well-known in cyberlaw circles. The plaintiff alleged that Godaddy.com is unlawfully profiting from domain name registrations that infringe the plaintiff's UBID trademark -- because Godaddy.com sells advertising on web pages for parked domains. For example, if a person registers a domain name, like <ubidhigherthanme.com>, but does not immediately link the the domain name to a website under the registrant's control, Godaddy.com will temporarily associate the domain name with a web page under Godaddy.com's control and then sell advertising on that web page.

GoDaddy: Everywhere and Yet Nowhere at All (Except Arizona)

Godaddy.com, based in Arizona, is the leading ICANN-accredited registrar of domain names by a wide margin, with reportedly over 32 million domains registered. The court acknowledged that Godaddy.com received 3.19 percent of its revenues from Illinois, a not-inconsiderable sum. Add to that Godaddy.com's pervasive national advertising campaigns and sponsorships in the sport of auto-racing, including events that took place in Illinois. Yet the court found that all of this commercial activity was not enough to subject Godaddy.com to suit in Illinois.

In this court's view, it was important that Godaddy.com's national advertising campaign was not specifically directed to Illinois residents. "Without demonstration of an Illinois-specific focus, GoDaddy's sporadic contacts with Illinois as a result of its national advertising campaign to not support an exercise of general jurisdiction," the court said.

The idea of targeting came up again in the court's discussion of specific jurisdiction, where it ruled that the thousands of transactions (and domain registration contracts) processed by Godaddy.com's website with Illinois residents were not sufficient to create jurisdiction over Godaddy.com. The court seemed to weigh in Godaddy.com's favor the fact that these transactions were automated. Also in Godaddy.com's favor was the fact that Godaddy.com's automated contacts with Illinois residents were initiated by Illinois residents not by Godaddy.com. They were the product of "unilateral activity of a third person," the court wrote.

Asserting jurisdiction over Godaddy.com on the basis of these automated contacts would violate constitutional due process, the court held. It also rejected the Calder "effects test" as a basis for assertion jurisdiction here.

The court also mentioned favorably Godaddy.com's registration contract, which provides for jurisdiction in Arizona, though it didn't make too much of this fact.

I wonder if this ruling is an outlier or a turning point in how courts view jurisdiction over internet sites. If an entity as commercially large and pervasive as Godaddy.com is not subject to the jurisdiction of Illinois courts then, by this court's reasoning, Godaddy.com is not likely to subject to the general jurisdiction of any other forum -- save for Godaddy.com's home state of Arizona. Smaller domain name registrars (all of the others are smaller than Godaddy.com!) should also take comfort from the court's ruling.

Trademark owners alleging infringement tend to prevail on these sorts of jurisdiction challenges, inasmuch as the harm allegedly inflicted by the defendant's infringing activities is felt most keenly in the trademark owner's home jurisdiction. On this point too the court's ruling was somewhat surprising.

The Targeting Trend

Internet jurisdiction cases tend to be all over the map as far as reasoning as each court takes a whack at the novel issues presented, and they are "fact-intensive" as well, which is lawyer-speak meaning that the court's ruling is pretty well tied to the case before it. It is not terribly difficult to distinguish one case, or several cases, and build a good argument for ruling the other way. Myself, I could find a couple dozen cases where scant commercial activity was held to support the assertion of jurisdiction over an out-of-state defendant. That doesn't mean this judge was wrong in uBID v. Godaddy or that this ruling isn't a rational way to look at internet-based jurisdiction problems. It is entirely possible to see this case a part of the recent trend of "targeting" analysis in jurisdiction cases, which is scaling back expansive 1996-2000 era views on internet jurisdiction. In the end, though, I think it just means that the cases are all over the map.

(This doesn't have anything do to with jurisdiction, but I found it interesting that the court's opinion mentioned that Godaddy.com has filed a patent application for a domain registration system that examines the text of a domain name and then prevent advertisements from companies with similarly worded names from appearing on the parked page.)

Finally, a trivial tidbit. The judge in the uBID v. Godaddy case, Charles P. Kocoras, is the same judge who entered a $11.7 million default judgment against United Kingdom-based Spamhaus in a defamation case brought by a company claiming to have been wrongfully tagged by Spamhaus as a spammer. Spamhaus didn't challenge the court's jurisdiction in that case, and I bet they wish they did. Spamhaus's connections with Illinois seem awfully slight in comparison to Godaddy.com's connections. Spamhaus is still trying to get out from under that default judgment. The Seventh Circuit subsequently ruled that Spamhaus was entitled to a hearing on the size of the judgment, and that part of the case has been dragging on for the past two years. On Oct. 8, Judge Kocoras rejected Spamhaus's request for a jury trial on the damages question.

The bottom line for the uBID v. Godaddy case, however, is that if uBID wants to pursue Godaddy.com on trademark infringement claims, it is going to have to do so in Arizona.

Posted by Thomas O'Toole on November 09, 2009 in Jurisdiction, Trademarks | | Comments (0)

Next »
Subscribe to this blog's feed

Twitter Updates

    follow me on Twitter

    Recent Posts

    Recent Comments

    Notice to Subscribers

    Categories

    Archives

    More...

    Copyright

    About