Skip Page Banner  
E-COMMERCE AND TECH LAW
BLOG

Monday, May 2, 2011

Cyberlaw Links for Monday, May 2, 2011

by Thomas O'Toole

RSS

Here are some interesting articles I ran across last week, followed by my two cents. Topics: the unfortunate intrusion of the federal junk fax statute into interactive media, how the unresolved orphan works issue is muting our musical heritage, one court's belief that owners of wireless routers owe a duty of care to protect the pornography industry, and how clean brands can do business in .xxx.

Pepsi Personal Information Collecting Machines

Pepsi announced that the company will be deploying "social vending machines" that allow consumers to send videos and personal messages to each other, as well as merchandise codes that allow one consumer to purchase a drink for another person at any similarly-equipped machine. The machines have touch screens for video display and data input.

The privacy compliance work for this marketing effort is interesting to contemplate. In order for the machine to send a drink from one consumer to another, the machine collects from the sender the name and cell phone number of the recipient. Some sort of privacy policy should be displayed at this point though I didn't see one on the Pepsi video explaining the program. Also, because the vending machine sends an unsolicited text message with the drink redemption code to the intended recipient, I imagine that the Telephone Consumer Protection Act -- rather than the CAN-SPAM Act -- is somehow implicated. This is due to (regrettable) judicial decisions holding that text messages are "calls" within the meaning of the TCPA.

The TCPA, at 47 U.S.C. § 227, prohibits calls to cell phones using “automatic telephone dialing systems.” The TCPA defines an “automatic telephone dialing system” as “equipment which has the capacity (a) to store or produce telephone numbers to be called, using a random or sequential number generator; and (b) to dial such numbers.”

The leading decision is the Ninth Circuit's Satterfield v. Simon & Schuster Inc., No. 07-16356 (9th Cir., June 19, 2009), a text message spam case where the court compounded the "text message = phone call" error by also holding that any machine that has the mere capacity to store and call random or sequential phone numbers is an “automatic telephone dialing system” forbidden by the TCPA.

The way I read Satterfield, just about any computer is a forbidden TCPA robo-dialer regardless of whether the computer is in fact engaged in making robo-calls or not.

After Satterfield, it can be plausibly argued that the TCPA applies to any unsolicited text messages. These messages -- if they originate from an “automatic telephone dialing system” -- need not be commercial in nature in order to violate the TCPA.

I worry that decisions like Satterfield will hobble text messaging as a communications medium. Texts have a lot more functionality than telephone calls or fax transmissions. Texts can be interactive, they can transmit data, they can command remote computers and rapidly transmit a wide variety of useful content. Fitting text messaging into the TCPA's straight-jacket seems like a policy mistake. I expect business practices to severely stress those judicial decisions equating text messages to telephone calls in the next few years.

Perhaps Pepsi believes that the consumer -- not Pepsi itself -- is the party sending the unsolicited text message to the recipient. I looked at the video explaining the program and it did not appear to me that Pepsi will be collecting the sender's cell phone number. Although, even if Pepsi does collect the sender's cell phone number and even it if does appear that the message is being sent by the recipient's friend, this would be a "forward to a friend" marketing campaign in which the marketer might still be treated as the sender. The Federal Trade Commission has issued regulations under the CAN-SPAM Act to address this situation in the context of e-mail marketing. No such rules exist for text messages under the TCPA.

I wonder how Pepsi's attorneys worked through these TCPA issues. I don't see how Pepsi can get around the legal requirement that text messages can only be sent with the recipient's express prior authorization. It is not clear to me how this can be done via disclosures. Unlike the CAN-SPAM Act, which was written to facilitate e-mail marketing, the intent of the TCPA was to stop marketing via unsolicited faxes and robo-calls.

The Pepsi social vending machines also collect e-mail addresses, though this seems to me to be a lot simpler to handle from a privacy compliance standpoint. The video display on the vending machine can show the consumer a privacy policy (or a link to a privacy policy), and Pepsi's attorneys have the benefit of FTC guidance and judicial decisions under the CAN-SPAM Act to assist them.

Twitter Sued Over SMS Notifications

In this case, Twitter is being sued by two individuals who claim that Twitter violated the TCPA by sending a single text message to them confirming an earlier message from them indicating that they no longer wanted to receive text message notifications from Twitter. The situation seems similar to unsubscribing from an e-mail listserv or opting out of a commercial e-mailer's list. In both cases, the marketer will send a confirming message: "You have successfully unsubscribed from [whatever]." The CAN-SPAM Act permits this sort of transactional message. The TCPA -- allegedly -- does not.

It seems like a crazy lawsuit. But the plaintiffs are merely walking through the door that Satterfield opened for them. The "text message = phone call" idea is not limited to Satterfield. There are a half-dozen cases out there with similar holdings, for example, Lozano v. Twentieth Century Fox Film Corp., No. 1:09-cv-06344 (N.D. Ill., March 23, 2010).

The Twitter lawsuit is Moss v. Twitter Inc., S.D. Cal., No. 11-cv-906, and the complaint is here.

Vintage Jazz Recordings Muted by Orphan Works Problem

A very good story about the cultural loss created by Congress' failure to solve the orphan works problem. Here we have a treasure trove of vintage jazz recordings being kept out of circulation due to the fact that nobody is certain who owns the rights to the recordings. Because we live in an era where statutory damages for copyright infringement are between $750 and $150,000 per infringement, nobody in their right mind will take a chance on making a distribution of these recordings.

Congress lost interest in addressing the orphan works question back in 2008. The Copyright Office has erected a nice monument to that effort here.

Wide Open Wireless, Wide Open Liability

In this article, the Electronic Frontier Foundation's Peter Eckersley makes the case for an "Open Wireless Movement," a call for individuals to leave their wireless connections open so that others may use them. Eckersley calls the disappearance of open wireless networks a "tragedy of the commons," and to a certain extent I agree, having had several misguided back-to-nature vacations saved by a serendipitous encounter with an unguarded wireless router.

Open wireless connections are not without risk, however. Many computer crime laws make the act of accessing an unsecured wireless connection without permission and leaving one's own wireless setup unsecured both criminal offenses. An unsecured wireless router might invite unwanted and embarrassing attention from law enforcement. Or And then there is the case of Liberty Media Holdings LLC v. Swarm of November 16, 2010, Sharing Hash File A3E6F65F2E3D672400A5908F64ED55B66, No. 11-cv-619 (S.D. Cal., April 26, 2011), in which a magistrate judge ruled that a homeowner can be held liable for negligently leaving a residential connection unsecured and thereby allowing a third-party to use that connection to access the internet and download copyrighted material without authorization.

Here is the magistrate's ruling in its entirety. Mind you, this was a default, so nobody was present to offer a contrary view of the law.

    "An action in negligence requires a showing that the defendant owed the plaintiff a legal duty, that the defendant breached the duty,     and that the breach was a proximate or legal cause of injuries suffered by the plaintiff.” Mintz v. Blue Cross of Cal., 92 Cal. Rptr. 3d     422, 434 (Cal. Ct. App. 2009) (citation omitted). Plaintiff alleges that Defendants accessed, or controlled access, to the Internet     connection used in performing the unauthorized copying and sharing of Plaintiff’s copyrighted work. Compl. ¶ 374. Plaintiff further     alleges that Defendants failed to adequately secure their Internet access accounts, and this failure to prevent illegal use of their     accounts “constitutes a breach of the ordinary care that reasonable persons exercise in using an Internet access account.” Compl. ¶¶     375-76. Plaintiff alleges that, due to this unsecured access, others were allowed to unlawfully copy and share Plaintiff’s copyrighted     work, thereby interfering with Plaintiff’s exclusive rights and causing Plaintiff financial harm. Compl. ¶¶ 378-80. Accordingly,     Plaintiff’s negligence cause of action could withstand a motion to dismiss. See Columbia Ins. Co., 185 F.R.D. at 579-80.
    
Wow. "Ordinary care that reasonable persons exercise in using an Internet access account." That's a stretch. I am not aware of a court that has ever held that an internet user (remember: the magistrate doesn't even know who accessed the internet with the IP address alleged in the complaint) owes a duty of care to a copyright owner to help protect the copyright owner's property. No case was cited by Liberty Media's attorney in making the argument. My bet is that this will be seen as an errant ruling that the magistrate will back away from at the earliest opportunity. Assuming that the case is further litigated and that somebody comes forward to challenge the magistrate's view of the law, of course. Though the ruling does work at the level of social satire. Internet users have a common law duty to protect a pornographer's property. I like that.

It could also be argued that a cause of action for negligently allowing a third-party to infringe copyright is preempted by the Copyright Act. The negligence claim here looks a lot like a claim for contributory copyright infringement -- a cause of action that the court also ruled was adequately pleaded by the plaintiff. If in fact the two causes of action are closely similar, the state-law negligence claim would be preempted.

Your BRAND in .XXX

In other pornography-related news, the operators of the .xxx top-level domain, ICM Registry, are expected to announce very soon -- possibly this week -- the details of the registry's protections for trademark owners in that domain. The Reed Smith summary at the link above summarizes most of what is now known about ICM Registry's accommodations for mark owners.

ICM Registry will allow mark owners not in the porn business to permanently register the domain corresponding to their mark for a single, one-time fee. Domain names registered in this fashion will resolve to a single, plain vanilla (no advertising) page indicating that "this name has been reserved from registration under the ICM registry IP protection program."

Once the .xxx top-level domain is up and running, trademark owners will have access to the usual ACPA and UDRP remedies, plus an additional rapid recuperation program that one ICM Registry official told me is like "the URS on steroids." Which is amusing, since the URS is like the UDRP on steroids. For trademark owners, I think this means that there will be little trouble dealing with ICM Registry over troublesome registrations.


Except in the case in which the trademark in question also belongs to an "adult community" business. For example, if there is a company that has a registered mark for REGENT to sell pornographic films, then another company with a registered the REGENT mark for plumbing supplies is not going to be able to prevent the porn film company from registering regent.xxx.

In any event, brand owners worried about tarnishment through association the .xxx top-level domain should pay close attention to the ICM Registry site for the next few weeks.
Subscription RequiredAll BNA publications are subscription-based and require an account. If you are a subscriber to the BNA publication and signed-in, you will automatically have access to the story. If you are not a subscriber, you will need to sign-up for a trial subscription.

You must Sign In or Register to post a comment.

Comments (0)