TechLaw

A manufacturer of money clips was found liable for trademark infringement last week, a victim of the "initial interest confusion" doctrine set out by the Ninth Circuit in Playboy Enterprises Inc. v. Netscape Communications Corp., 354 F.3d 1020 (9th Cir. 2004). I am having a hard time understanding the usefulness of this theory of infringement liability, especially online where consumers are "diverted" so easily from one site to another, and this case didn't help matters any.

The plaintiff, Storus Corp., sells money clips with the registered mark SMART MONEY CLIP. The defendant, Aroa Marketing Inc., also sells money clips, and it purchased a Google AdWord that triggered the following advertisement whenever a Google user searched for "smart money clip":

Smart Money Clip
www.steinhausenonline.com Elegant Steinhausen accessories. Perfect to add to any collection.

The plaintiff's evidence showed that this advertisement was displayed 36,164 times during 2006-2007, attracting 1,374 "clicks" by Google users.

The court here wasn't impressed with the defendant's argument that consumers were not confused by the advertisement. Even if consumers were not confused, it said, the trademark infringement claim would still be viable -- because plaintiffs pursuing an initial interest confusion theory need not prove source confusion. All that is necessary, in the Internet context, is for the trademark owner to demonstrate that the defendant's use of the mark "diverted" the consumer to a Web site not operated by the mark owner. The court wrote:

In other words, on 1,374 occasions, consumers who were searching for a website by using Storus' mark were, in fact, "diverted" to an Aroa website selling money clips that compete with Storus' money clips. Such diversion constitutes the "initial interest confusion" prohibited by the Lanham Act.

It was not necessary for the court to decide whether the mere purchase of a keyword containing the plaintiff's mark was infringing, though it likely would have so held, given Brookfield. The prominent display of the plaintiff's mark in the text of the defendant's advertisement was the defendant's undoing here.

Another interesting issue in this case was whether another defendant, Skymall Inc., infringed the plaintiff's trademark when the mall's Web site search mechanism displayed products other than the mark owner's in response to a consumer's search for "smart money clip." The court held that the mark owner was not entitled to summary judgment on this claim, stating that the mark owner had not, at this point in the case, created an adequate recording showing how Skymall's search engine operated.

I think the court could have been a little clearer in its reasoning here. From what I can tell, this court believed that no infringement would occur if Skymall displayed a list of money clips for sale -- including the Storus' Smart Money Clip along with competitors' money clips -- in response to a consumer's search for "smart money clip." The court noted that the defendant's product may very well have been displayed if the  consumer had merely searched for "money clip." However, if the Skymall Web site search engine returned a Web page showing competitors' money clips and containing the phrase "smart money clip" somewhere on the page, then that would be infringing. At least I think that's what the court is saying here, preliminarily.

I can't recall any cases like this one, in which a trademark owner challenges the way in which a run-of-the-mill Web site's searching function operates. Google, Yahoo!, Netscape sure, there are plenty of those cases. But in this case, there is no claim that the defendant purchased anything like a keyword from Skymall. I wonder: Are online sellers considering the possibility that their internal search functionality could be infringing a trademarked term if a search query containing the mark returns (accidentally or intentionally to facilitate comparison shopping) results displaying the mark alongside competing products? Could cdw.com lawfully show me a Hewlett-Packard laptop if my search query was for "Dell"?

The case is Storus Corp. v. Aroa Marketing Inc., No. C-06-2454 (N.D. Cal., Feb. 15, 2008).

Judge Frank Easterbrook is among the three judges scheduled to hear oral arguments today in Chicago Lawyers' Committee for Civil Rights Under Law Inc. v. Craigslist Inc., according to the argument schedule released by the Seventh Circuit this morning.

Also on the Craigslist panel is Judge Diane P. Wood, who joined Easterbrook's provocative (albeit in dicta) suggestions in Doe v. GTE Corp., 347 F.3d 655 (7th Cir. 2003), that the online publisher immunity provided by Section 230 of the Communications Decency Act might not be as broad as many folks believe.

CDA Section 230, in a nutshell, provides users or providers of interactive computer services with immunity from lawsuits seeking to hold them responsible as publishers of unlawful content authored by third parties. Nearly all courts have interpreted CDA Section 230, a law written in 1996, as providing broad immunity to interactive computer services for third-party content -- regardless of whether the computer services provider exercised its statutorily protected right to screen objectionable content or whether it allowed third-party content to flow freely over its network.

Easterbrook's Doe opinion revealed a judge who is not particularly impressed with interpretations of CDA Section 230 that give online publishers no incentive at all to filter objectionable content submitted by third-parties.  Screening for offensive third-party content is expensive, so why would online publishers do it if they received immunity regardless. "If this reading is sound," he wrote, then a statute titled "Protection for `Good Samaritan' blocking and screening of offensive material" would, in practice, "induce ISPs to do nothing about the distribution of indecent and offensive materials via their services." Easterbrook suggested in Doe that a plausible interpretation of CDA Section 230 would be that it provides immunity only in those cases in which the publisher is in fact screening for objectionable third-party content.

As it turns out, this is the same argument being urged upon the court in today's Craigslist arguments.

Update: A recording of the oral argument is available at the Seventh Circuit's Web site.

Update: Chicago attorney Michael Erdman posted his impressions of the argument at his Online Liability blog. Erdman's account of the argument casts some doubt on my ruminations that Craigslist is in a little trouble here.

A recent case, Bailey v. Bailey, No. 07-11672 (E.D. Mich., Feb. 6, 2008), held that the unauthorized access of a person's already-read e-mail violates the Stored Communications Act, 18 U.S.C. 2701. The court followed Theofel v. Farey-Jones, 359 F.3d 1066 (9th Cir. 2003), in what was a ruling of first impression on this issue in the Sixth Circuit. The defendant used surreptitiously installed keylogger software to capture his wife's e-mail account password and then used this knowledge to read her e-mail.

The plaintiff didn't challenge her husband's use of the keylogger under the federal wiretap law, but she did bring claims under a pair of Michigan eavesdropping statutes. She lost, revealing a big hole in Michigan's scheme for protecting electronic information. The first statute, MCL 750.539c, protects "conversations," and the court held here that a keylogger eavesdrops on keystrokes not "conversations." The second statute, MCL 750.539d, makes it unlawful to install a device that eavesdrops on "the sounds or events in that place." Here again, the court made a very literal reading of the law, holding that because a keylogger "only records electronically what keystrokes are pressed on a keyboard" -- not "sounds or events" -- the statute did not reach the defendant's conduct.

The court held, however, that the plaintiff had a common law cause of action for the privacy tort of intrusion upon seclusion. She will have to prove at trial that her husband's installation and use of the keylogger is "objectionable to a reasonable man." Let's hope the court meant man and woman.

Legislation to outlaw the unauthorized installation of keystroke loggers has been under consideration by the Michigan state legislature for several years now. The latest proposal, Senate Bill 145, would create a civil cause of action with $10,000 in statutory damages for the unauthorized installation of keyloggers.

Not all state eavedropping laws are as rooted in the physical world as the Michigan statutes involved in Bailey. In Rich v. Rich, No. 2007-01538 (Mass. Super., Nov. 26, 2007), the court held that a husband's act of installing a keylogger on a family computer (which he used to gain access to his wife's e-mail account password, just as in Bailey), violated a Masschusetts law that protected the "contents" of wire and oral communications. "Contents" is defined by the Massachusetts statute as "any information" concerning the existence, contents, of meaning of a communication.

The Third Circuit yesterday settled the questions of whether Google is a state actor for First Amendment purposes (it isn't) and whether Google's act of publishing the plaintiff's social security number, cleverly disguised as the word "Google," violates the U.S. Constitution (it doesn't).

This is the second time Google has beaten back a First Amendment claim, the first one being Kinderstart.com v. Google Inc., No. 06-2057 (N.D. Calif., July 13, 2006). As for the identity theft claim, encryption is a good thing, right?

Google has good lawyers. If want to beat them in court, you'll have to do better than this.

NOT PRECEDENTIAL
UNITED STATES COURT OF APPEALS FOR THE THIRD CIRCUIT
___________
No. 07-4083
___________
DYLAN STEPHEN JAYNE, Appellant v. GOOGLE INTERNET SEARCH ENGINE FOUNDERS
____________________________________
On Appeal from the United States District Court for the Middle District of Pennsylvania (D.C. Civil Action No. 07-cv-01677)
District Judge: Honorable James M. Munley
____________________________________
Submitted Pursuant to Third Circuit LAR 34.1(a)
February 5, 2008
Before: AMBRO, FUENTES and FISHER, Circuit Judges
(Opinion filed February 7, 2008)
___________
OPINION
___________
PER CURIAM

This appeal arises from the order of the United States District Court for the Middle District of Pennsylvania dismissing Dylan Stephen Jayne’s complaint pursuant to 28 U.S.C. § 1915(e)(2)(B). We will affirm.

In September 2007, Jayne filed an action, pursuant to 42 U.S.C. § 1983, against the founders of the Google internet search engine, alleging that his social security number when turned upside down is a scrambled code that spells the name “Google.”
The District Court reviewed the lawsuit pursuant to 28 U.S.C. § 1915(e)(2)(B), and dismissed it sua sponte for failure to state a claim. Jayne filed a timely appeal. We have jurisdiction pursuant to 28 U.S.C. § 1291. We exercise plenary review of the District Court’s sua sponte dismissal for failure to state a claim. See Allah v. Seiverling, 229 F.3d 220, 223 (3d Cir. 2000). To prevail on his § 1983 claim, Jayne must demonstrate that the named defendants acted under color of state law and deprived him of rights secured by the Constitution or federal law. See Sameric Corp. of Del., Inc. v. City of Philadelphia, 142 F.3d 582, 590 (3d Cir. 1998). It is clear that neither of these criteria is satisfied here. As explained by the District Court, Google and its founders are not state actors, and Jayne’s allegation concerning his coded social security number does not constitute a violation of the Constitution or federal law. We also agree that any amendment of the complaint would be futile. See Grayson v. Mayview State Hosp., 293 F.3d 103, 110 (3d Cir. 2002).

For these reasons, we will affirm the District Court’s order.

Colorado's House Judiciary Committee approved an interesting anti-spam measure yesterday. From what I can tell, the drafters intended to walk right up to the edge of what the CAN-SPAM Act permits without stepping over the line.

Colorado H.B. 08-1178 has a lot of language in it that seems to have been written in response to the Fourth Circuit's reading of the CAN-SPAM preemption provision in Omega World Travel v. Mummagraphics Inc., 469 F.3d 348 (4th Cir. 2006). The drafters seem intent on making the point that, unlike the ill-fated Oklahoma statute discussed in Mummagraphics, Colorado will treat spam as a form of fraud, requiring an intent on the part of the sender to mislead or deceive the recipient.

Colorado H.B. 08-1178 first declares that any violation of the CAN-SPAM Act is also a deceptive trade practice under Colorado law. The bill then ventures outside CAN-SPAM to prohibit, among other things, (1) failing to disclose a commercial message's point of origin and (2) falsifying transmission and routing information.

This is where the Oklahoma anti-spam statute got into trouble in Mummagraphics. The Mummagraphics court held that the CAN-SPAM Act left room for states to write their own anti-spam laws insofar as those laws prohibited falsity or deception. CAN-SPAM preempts states from punishing mere errors in e-mail message paths and routing information, the court said.

The Colorado bill seems to have been drafted with Mummagraphics in mind. Whereas the Oklahoma anti-spam law at issue in Mummagraphics made it unlawful to merely "misrepresent[ ] any information" in a message's transmission path, the Colorado proposal adds a mental state and inserts the notion of deception:

A person engages in a deceptive trade practice when, in the course of such person's business, vocation, or occupation, such person:
...
(b) Knowingly fails to disclose the actual point-of-origin electronic mail address of a commercial electronic mail message in order to mislead or deceive the recipient as to the source or sender of the message;
...

The bill employs similarly careful language when describing the prohibition on false routing and transmission information. Other portions of the bill contain tough talk like "All violations of the federal CAN-SPAM Act are inherently false and deceptive" and "Falsity and deception in any portion of a commercial electronic mail message or an attachment thereto harms Colorado consumers and threatens Colorado's economy."

Another noteworthy feature of the Colorado law is the extent to which it departs from CAN-SPAM in terms of the statutory damages it authorizes. In Colorado, a CAN-SPAM violation will be very expensive. The civil enforcement provisions of the bill authorize damage awards of $1,000 per unlawful message, up to $10 million against a single defendant. CAN-SPAM damages forgiving by comparison: $250 per unlawful message up to $2 million. How do lawmakers come up with these numbers? A recently introduced anti-spam measure in New Jersey (S.B. 416) would authorize civil damages between $2 and $8 per unlawful message. Almost inviting spam you might say.

Looking over the TRUSTe 2007 Most Trusted Companies for Privacy announcement this morning, I was surprised to see Weight Watchers listed at #22 -- the very bottom -- of their consumer survey results.

Lower than Google (#11), a company literally in possession of a goldmine of personal information that  Privacy International calls "hostile" to privacy and the Electronic Privacy Information Center contends fails to "take adequate steps to safeguard the personal data that is collected" through search queries and through the routine operation of its many other online services.

Lower than Bank of America (#20), which Privacy Rights Clearinghouse reports had five separate data breach incidents between June 29, 2005, and April 12, 2007.

Lower than America Online (#4), a company that in 2006 accidentally posted to the Web 20 million search  queries entered by 658,000 individuals using AOL's client software. This incident drew a class action lawsuit, which I checked on just now. The case, Ramkissoon v. AOL LLC, No. 06-cv-5866 (N.D. Calif., complaint filed Sept. 22, 2006), was dismissed in early 2007 for improper venue.

Lower than a slew of other, giant data-processing companies.

Americans, Weight Watchers is not watching our weight.

Weight Watchers does not record what we eat or when we eat it. Until the day comes when our bathroom scales have IP addresses, Weight Watchers has no ability to monitor and record our weight. Their mission seems considerably more benign. According to David Kirchhoff, President, Weight Watchers International, "Our singular mission as an organization is to help people lose weight in a sustainable way by helping them adapt a healthier lifestyle and a healthier relationship with food and activity."

I trust David on this one. When it comes to privacy, I worry more about Google than Weight Watchers.

Another reason for Weight Watcher's relatively low performance in the TRUSTe game might be that the study does not actually measure which companies provide the most robust privacy protection. Instead, it measures a company's reputation for privacy protection. Two different notions entirely. Because in the United States there is no universally acknowledged set of information privacy rights or a shared concept of privacy harms, companies are free to shape the public's perception of what privacy looks like (for example, the presence of a privacy policy on the Web site, or a privacy seal, or the hiring of a privacy officer), and then work assiduously to cultivate a reputation for privacy that aligns with this definition. Moreover, companies with sterling reputations in other aspects of their business -- such as customer service or product quality -- are able to transfer those positive brand reputations to their privacy practices. The TRUSTe survey acknowledges this point:

Based on previous consumer studies we have conducted, we have found that consumer perceptions about privacy and trust can be influenced by a number of factors. In fact, the consumer ratings may not reflect at all the actual privacy practices of the company and its good effort to protect the personal information of its customers and employees.

Leaving aside the goofiness of scoring Weight Watchers lower than Google or any number of other companies in the report, TRUSTe's essential insight is valuable. Having a reputation for privacy is as good for business as providing strong privacy protections. Right now, in the United States at least, when it comes to privacy, form is more valuable than substance.

Here is TRUSTe's complete list, with the highest-ranking companies at the top:

Most Trusted Companies for Privacy
Consumer Survey Results March 2007

American Express
Charles Schwab
IBM
America Online
Amazon
Johnson & Johnson
U.S. Postal Service
E-Bay
Procter & Gamble
Nationwide
Google
E-Loan
WebMD
Dell
Countrywide
USAA
Disney
Hewlett-Packard
U.S. Bank
Bank of America
Intuit
Weight Watchers

The Federal Trade Commission announced this afternoon that it will hold what it calls a "town hall meeting" to discuss consumer protection issues raised by new mobile commerce technologies. The event is set for May 6-7, 2008, at the FTC Conference Center.

This is good news for companies doing business over mobile devices. Washington is pretty in May. More importantly, an FTC town hall or workshop typically signals the end of FTC interest in a particular topic rather than the onset of regulatory scrutiny. You can look it up: spam, spyware, the role of social security numbers in identity theft, privacy, broadband competition, behavioral advertising, consumer protection, more spam, still more spam, online profiling, RFID privacy, consumer information privacy, more consumer information privacy. So many interesting policy issues, yet every single one of them, the FTC believes, will be best governed by market forces and industry self-regulation.

I wish FTC staffers would take another look at online disclosures and online contracting. Today's announcement suggests that it is going to do just that. The agency's 2000 publication, Dot Com Disclosures, a document intended for online advertisers but consulted widely by attorneys drafting online contracts and other online documents, contains a lot of advice that is very difficult to apply to small-screen commerce. An update for mobile businesses is needed. Key concepts like "proximity," "prominence," and "conspicuousness" don't translate easily to mobile devices. If you've ever used a Blackberry or iPhone, you'll immediately appreciate that advice such as "Avoid Web page formats that discourage scrolling" misses the mark by a long shot.

And while the FTC blesses (as do many courts) the practice of making important disclosures via hyperlink-accessible pages, there are enough differences between desktop computers and mobile devices (screen size, screen resolution, data transmission speeds, input technologies) that this common contracting strategy might have to be worked out all over again for mobile devices.