Spam Laws and Entertainment

By Rob Hassett

Casey Gilson P.C.

Six Concourse Parkway, Suite 2200

Atlanta, Georgia 30328

(770) 512-0300, ext. 557

rob@internetlegal.com

Law Firm Website:  www.caseygilson.com

Personal Website:  http://www.internetlegal.com/

Posted: May 8, 2006

* Mr. Hassett is a co-author of Volume 5 (which volume is entitled Internet and Interactive Media) of the 10 volume treatise entitled Entertainment Industry Contracts which is published by Lexis Nexus.  This article is adapted from Chapter 109Q of Volume 5 of that treatise.

109Q.01   Background

One of the goals of any entertainment oriented website is to encourage individuals to view the site.  Websites generally earn income by selling products or services, charging for subscriptions or advertising.  No matter what approach is used, the more “eyeballs” the better.  Therefore, one of, if not the primary, goal of any entertainment website is to attract viewers.

One way to attract viewers is by sending promotional emails to customers and potential customers.  However, if the email is unsolicited, or, even if consented to, if the recipient believes it is unsolicited or if the recipient otherwise does not want it, the sender risks serious adverse consequences which may include:

(1)       Alienation of customers and potential customers irritated by the email;

(2)       Blocking of all email from the sender either by the recipient or by the recipient’s use of certain types of software and services that block out all email from a sender’s address; and

(3)       Violating applicable law including incurring substantial civil and/or even criminal penalties.

109Q.02         Alienation of Customers and Potential Customers

Most recipients of spam hate receiving it and a significant percentage of recipients of email will in effect “boycott” any vendor that sends them unsolicited email.  Unfortunately, many spammers will weigh this fact against the fact that a significant portion of the population (according to some reports, as high as eight (8%) percent) will, on at least some occasions, purchase products or services in which they are interested from a vendor they learn about from spam.  Still, the likely alienation of customers and potential customers should be enough, without more, to dissuade most owners of entertainment websites from trying to attract viewers by using unsolicited email.

109Q.03         Blocking of Emails

Email recipients can take steps to block a substantial percentage of email sent to them by spammers.  One option, available to most recipients of email, is to intentionally block all email from a particular email address or from an entire domain.  There are two (2) major drawbacks to this approach.  First, many times the spammers use the return email addresses of other innocent parties. This practice, called spoofing, is illegal and even criminal, but does make it impossible for any recipient to be sure that they are blocking email from the address of the spammer as opposed to the address of an innocent third party.  Second, this approach is reactive, as opposed to proactive, in that the recipient must first receive the unwanted email before being able to block future email from that same address.

There are also software programs, such as the “SafetyBar” software available at http://www.spamnet.com/, that are community based and use algorithms to redirect email received that purportedly constitutes spam into a spam folder.  Such software does not rely on the purported return address to determine whether an email is spam.  Instead the software blocks emails based on whether a certain number of its over 1 million users report that they have seen the email and that it is spam.  If the email is confirmed as spam, then it is sent to the spam folders of all users of the software (the users can always view the software and elect to receive email from that source).  Then, using proprietary algorithms, emails from the same source, which, as addressed above, may not be the same as the purported return address on the email, are also blocked.

Additionally, many business users run all of their email through outside spam and virus blocking services such as the service available from AppRiver at http://www.appriver.com/ and Postini at http://www.postini.com/.  With these services the user routes all email to a particular domain through the spam and virus blocking service of the third party provider.  The advantage of these third party services is that the email is blocked before it ever reaches the user’s computer and so the services are much better for users who also view their email with BlackBerries, cell phones and other wireless devices.  Products like SafetyBar work only on the computer on which the software resides and so are no help for blocking spam to BlackBerries and similar devices.

The problem for the owner of a website is that if the owner sends out mass emails not wanted by the recipients, with widespread use of the above described software and/or services, all emails from that owner may be blocked.  In that situation a customer who, by signing up, is supposed to receive  an email,  may never receive it and, if they do not check to see what is blocked, may never know they did not receive it.

109Q.04         Anti-Spam Laws

Prior to January 1, 2004 there was no federal law prohibiting spam.  However, 29 states had enacted laws prohibiting unsolicited email.  There was variation among these statutes.  The most restrictive statutes were Delaware’s (prohibited all unsolicited bulk commercial email) and California’s (prohibited all unsolicited commercial email).  Other states included one or more of the following four prohibitions on commercial and/or bulk email:

(1)       Must not include false or missing routing information, misleading subject line and/or use another’s domain name;

(2)       Must not include sexually explicit material;

(3)       Must include “ADV” or “ADV ADLT” (or similar, but differing) language in the subject line (generally at the beginning); and/or

(4)       Must include an easy method to opt out from future emails.

One question many lawyers had was whether the Delaware and California laws were constitutional.  If constitutional, the law in these states would legally prohibit most unsolicited commercial email.  With respect to commercial speech that concerns lawful activity and is not misleading, the test of constitutionality is:

(1)       Is there a substantial governmental interest;

(2)       Does the law directly advance that governmental interest; and

(3)       Is there a reasonable fit between the purpose of the restriction and the scope of the restriction?

The Delaware and California statutes did meet the first two tests.  There is a substantial governmental interest in reducing unsolicited commercial email in that there is now so much of it that it slows down the Internet and most people hate receiving it.  A prohibition on unsolicited commercial email advances that interest since, if spammers are prohibited from sending unsolicited commercial email to Delaware and California, their citizens would, at least theoretically, not receive any.

The interesting question is whether or not the third test is met.  Is there a reasonable relation between the objective being achieved and the scope of the restriction?  There are certain other, less drastic, ways to reduce unsolicited commercial email such as requiring “ADV” in the subject line.  With “ADV” in the subject line any individual or ISP could screen out the email.  Proponents of the Delaware law would probably argue that the constitutionality of the Delaware law is supported by the cases holding that the federal anti-fax statute, which prohibits all unsolicited faxes, is constitutional.  However, there is no way for individual fax machine owners to screen out unwanted faxes while there is a way to screen out unsolicited commercial bulk email other than to bar all of it.

In any event the state laws only applied to unsolicited “commercial” email.  The reason is that under the “free speech” clause of the First Amendment to the U.S. Constitution any restriction of non-commercial speech must be narrowly tailored (in other words there is less room to go beyond what is necessary to advance the interest of concern).  So sending out a bulk email that contains primarily informative, literary or artistic content, even if it also contains a promotional or advertising element, would seemingly not have been barred under any state law.

All of the state statutes of which the author is aware defined “unsolicited” as having no pre-existing relationship.  So if there was a pre-existing relationship, these statutes would not apply.

Until January of 2004, there was no federal law expressly prohibiting spam.  Probably partially due to lobbying by bulk emailers who were operating in the United States and believed themselves to be vulnerable to lawsuits based on state anti-spam laws at the end of 2003 Congress enacted a federal anti-spam law that became effective as of January 1, 2004.  The bulk emailers who lobbied for passage probably preferred one anti-spam law that applied across the country and allowed mass emailings provided certain requirements were met as opposed to a large number of different, sometimes contradictory, laws that in a few states completely prohibited mass commercial emailings.  The Act is entitled:  “The Controlling the Assault of Non-Solicited Pornography and Marketing Act” and is referred to as the “CAN-SPAM Act of 2003.”  Most  sections of the Act are codified at 15 USC 7701 et. seq.  Important features of the CAN-SPAM Act include:

(1)       It only applies to “commercial electronic mail.”  “Commercial electronic mail” is defined as “electronic mail . . . the primary purpose of which is the commercial advertisement or promotion of a commercial product or service (including content on an Internet website operated for a commercial purpose).”  The Federal Trade Commission was assigned the task of enacting regulations for determining “the primary purpose of an electronic mail message.”  One reason the Act was written to apply only to “commercial email” was to reduce the likelihood of a court finding that the Act violates the free speech clause of the first amendment.  The term “commercial email” is ambiguous.  However, an email newsletter with primarily informative or entertainment content concerning computers, the Internet, news, sports,  political or other matters sent out by an entity that promotes nothing or includes ads and/or solicitations which are placed deep in the newsletter and from multiple sources would not, in the opinion of the author, be within the scope of the CAN-SPAM Act.  On the other hand, an email from an entertainment website inviting recipients to try out the site would certainly be within the scope.  Whether an emailed newsletter from a business, such as a law firm, that provides goods and services but does not distribute, in either a printed or electronic format, publications as its main business is within the scope of the CAN-SPAM Act can be a close question.  The author believes that if the newsletter consisted primarily of informative material, it would not be considered “commercial” and therefore not subject to the requirements of the Act.

(2)       The Act “supersedes any statute, regulation or rule of a State or political subdivision of a State that … regulates or restricts the use of electronic mail to send commercial messages, except to the extent that such statute, regulation, or rule prohibits falsity or deception [or laws that are not specifically focused on electronic mail such as state trespass, contract or tort law or state laws that relate to acts of fraud or computer crime].”

(3)       The law does not prohibit the sending of commercial email messages, but instead prohibits certain activities in conjunction with sending out such electronic mail.

(4)       Unlike the state laws, although an exemption may be introduced by regulation, the Federal law does not exempt email just because there is a prior relationship between the parties except that it does provide an exception from requirements not related to deception as to the source of the email to the extent the email is a follow-up to a previous transaction such as related to warranty rights.  It is important to note that this exemption does not, by definition, apply if the email contains advertising or a solicitation.

(5)       Unlike as was the case under state law, obtaining a consent only exempts a spammer from being required to clearly and conspicuously indicate that a commercial email is an advertisement or solicitation (See “7(g)” below).  The state law prohibitions only applied to email that was “unsolicited.”

(6)       The following constitute criminal violations:

(a)      Assessing a computer without authorization and sending out multiple commercial email messages from such computer (some of the worst spammers have been using computers of unaware consumers with fixed connections to the Internet such as over cable modems or DSL to send out their commercial email);

(b)      Deceiving recipients of email as to the source of the email message (this would cover one of the most insidious, but common, practices whereby spammers “spoof” the email domain name of an unknowing website owner misleading all email recipients into believing that that innocent website owner sent the spam thereby harming the reputation of the website owner).

(7)       The following constitute civil violations:

(a)       The above criminal violations can also be the basis for civil claims;

(b)       Inclusion of deceptive subject headings;

(c)        Failure to include a functioning return electronic mail address;

(d)       Failing to clearly provide an opportunity to decline further communications via email;

(e)       Continuing to send email ten (10) days after being requested to stop;

(f)         Failing to provide a valid physical postal address of the sender; and

(g)  Failing to clearly and conspicuously indicate that the message is an advertisement or solicitation.

(8)       Any sexually oriented email must contain a warning in the subject heading.

(9)       The prohibitions apply to any person that “initiates” a commercial electronic mail message which includes both originating or transmitting the message and procuring the origination or transmission of the message.  So a website owner that hires a bulk emailer to send out the emails can be liable for all the above violations.

(10)     A supplier of products or services to an affiliate (an entity in which the supplier holds a greater than 50% controlling or economic interest) or to an unrelated third party when the supplier has actual knowledge of a violation is required to take reasonable actions to prevent the transmission of or detect and report to the Federal Trade Commission the sending of commercial email with misleading information in the header of the email regarding the sender of the email.

(11)     Enforcement of criminal penalties is handled by the United States Department of Justice.  The right to enforce civil penalties is vested in the Federal Trade Commission except for bulk emailers which are regulated by specific agencies such as member banks of the Federal Reserve System, brokers and dealers under the Securities & Exchange Commission and insurance companies under state insurance commissioners, with respect to which enforcement of civil penalties is vested in such other agencies.  There are no private rights of action.  Attorney Generals of various states can file actions on behalf of the citizens of those states.  For certain violations, application service providers may file actions to recover damages to them.

(12)     Penalties and liabilities include:

(a)       For a criminal violation – fines up to $500,000 for organizations and $250,000 for individuals and imprisonment for up to 5 years and forfeiture of all gross proceeds obtained as a result of the offense and of any equipment, and/or software used to commit or facilitate the offense;

(b)       For a civil violation –

(i)         If subject to enforcement by specific agencies such as the Securities & Exchange Commission, penalties are set by the statute specific to regulation of those agencies; otherwise, penalties are set under the Federal Trade Commission Act and include penalties of up to $11,000 per violation.

(ii)        Enforcement by states – the attorney general of any state may file a civil action on behalf of residents of the state denominated as an action “as parens patriae” – the courts are unclear as to whether that money is kept by the state or provided to the citizens –  equal to the greater of $250 per email to each recipient in the state or the amount of actual damages proved.  The court may triple the award and also award attorney fees.

(c)        Internet Access Services – have the right to file actions to enjoin actual losses and collect up to $100 per email per recipient.

The FTC reports on its website (www.ftc.gov/spam) that it has already filed actions for violations of the Anti-Spam Act, although the descriptions of cases on the website indicate that the initial actions are against spammers that are involved in some sort of deception as opposed to other types of violations such as failures to indicate that the spam is an advertisement or promotion.

Various state cases have held that the sending of large volumes of unsolicited email to the customers of particular internet service providers, after being notified not to do that, can constitute trespass under state law because of the damage to the computers of the internet service providers.

For additional information about anti-spam laws see Professor David Sorkin’s excellent website at http://www.spamlaws.com/ and the Federal Trade Commission’s website concerning its anti-spam activities at www.ftc.gov/spam.

109Q.05         Foreign Anti-Spam Laws

Although beyond the scope of this Chapter, the sending of promotional email to residents of many countries outside the United States, including countries that are members of the European Union and Canada, is restricted by the laws of those countries.

109Q.06         Conclusions

To avoid alienating customers, being added to numerous block lists and violating applicable law, choices for website owners are:

(1)       Not to use email to promote the website;

(2)       Send email only to visitors to the website that have consented to the sending of email to them, or have otherwise consented to receiving email at seminars, trade shows and the like, not to exceed the scope of such consents and comply with the provisions of the CAN-SPAM Act that apply even when a consent has been obtained; or

(3)       Include an ad in established well-received email publications such as emails sent daily by the New York Times, the emails sent weekly by email services such as the Leebow Letter published by 300incredible.com (see http://www.300incredible.com/), or the CNET newsletter available at (http://www.seenet.com/).

Because of the uncertainty about what constitutes “commercial electronic mail” the undersigned is currently cautioning clients against sending “educational” emails that are apparently sent for the purpose of drawing potential customers to a website except in strict compliance with the CAN-SPAM Act.  Although a very strong argument can be made that if informative and where directly promotional material is only a minor part of such emails and placed toward the end, such emails are not covered by the CAN-SPAM Act, unless and until it is made clear by applicable regulations or case decisions that such emails are not covered, the potential exposure is too great to justify sending those materials out except in compliance.  Additionally, no matter how valuable the newsletters may be, many recipients will block further emails from such address which could interfere with later communications.

Even if the bulk email your client is planning to send out is in compliance with federal law, it is also necessary for your client to comply with the terms of use of its own internet service provider.    Also, if the volume of email being sent out is sufficiently large, your client may receive a notice to stop sending to customers of a particular ISP and, if not stopped, there are cases that would indicate that action could be considered trespass.

© 2006 LexisNexis and Rob Hassett, All rights reserved.

The information above is provided for general educational purposes and not as legal advice. Laws in areas in which we practice change continually and also vary from jurisdiction to jurisdiction. Therefore no visitor to our site should rely on any of the articles provided for legal advice, but should always consult their own attorney regarding legal matters.


Recent Developments in Internet Law

Rob Hassett and Suellen W. Bergman

Hassett Cohen Goldstein & Port, LLP

990 Hammond Drive, Suite 990 Atlanta, GA 30328

(770) 393-0990

http://www.internetlegal.com

 

ACKNOWLEDGEMENTS

The writers wish to thank Robert Port, a partner in the above law firm, and Lori Brill, an associate in the above law firm, for their help in preparing these materials.

I.       Introduction

Over the past year, courts, Congress, and state legislatures have dealt with a number of different issues concerning the Internet, including:

1.         The enforceability of agreements entered into over the Internet;

2.         Spam;

3.         Under what circumstances is there liability for copying?

4.         How far will the courts go to restrict the use of marks as domain names, metatags and other uses on the Internet?

5.         What privacy rules apply?

6.         What is a Web site operator’s liability for a Web site which involves activity that is legitimate in some jurisdictions, but illegal in others?

These and other recent developments are discussed in this paper.

II.      What constitutes an enforceable agreement entered into over the Internet?

Agreements entered into over the Internet generally take one of two forms, either an exchange of  e-mail or clickwrap. Clickwrap agreements are agreements formed by a purchaser manifesting assent to the terms of an agreement online by pointing and clicking a mouse. An agreement based on an exchange of e-mails relating to subject matter which does not require a signed writing to be enforceable has been held to be effective. See, e.g., CompuServe, Inc. v. Richard S. Patterson, 89 F.3d 1257 (6th Cir. 1996). The controversies regarding the enforceability of agreements entered into over the Internet involve the enforceability of clickwrap agreements and whether agreements entered into over the Internet constitute signed writings.

A.        Clickwrap Agreements

The authors are not aware of any cases to date that directly address the issue of whether clickwrap agreements are enforceable. There is one case that implicitly holds that they are enforceable. A number of cases deal with whether shrinkwrap agreements (which we believe provide a useful legal analogy) are enforceable. The most important issue addressed by courts today regarding the enforceability of shrinkwrap agreements is whether or not shrinkwrap agreements are pre-empted by copyright law.

1.         The case that implicitly held that clickwrap licenses are enforceable is Hotmail Corp. v. Van Money Pie, Inc., (N.D. Cal. 1998) 47 U.S.P.Q. 2d (BNA) 1020 (1998); 1998 U.S. Dist. Lexis 10729 (April 16, 1998). In that case, the United States District Court for the Northern District of California granted the plaintiff a preliminary injunction in a case alleging that the defendants breached the terms of a service contract for using the plaintiff’s e-mail service. Without discussing the issue, the Court in that case implicitly held that the defendants were obligated to the terms of service on the Hotmail Web site. Users of that service agreed to those terms by clicking the “I agree” button.

2.         In ProCD, Inc., v. Zeidenberg, 86 F.3rd 1447 (7th Cir. 1996), ProCD developed and sold copies of a CD ROM containing a database of telephone numbers. The CD ROM box informed the consumers there was a shrinkwrap license inside the box. The shrinkwrap license provided that the purchaser was only receiving a license and the purchaser could not make copies of the product. Zeidenberg copied the database onto his own Web site and then provided access to the database via his Web site to customers for a fee. The Court rejected the holding of Vault Corp. v. Quaid Software Ltd., 847 F.2d 255 (5th Cir. 1988), that shrinkwrap licenses are pre-empted by copyright law, and held that the ProCD shrinkwrap license was enforceable.(1) The Court thus provided a way for database developers to protect their databases (by contract) even though copyright law would probably not protect the database here. (2)

a.         Several courts have followed the ProCD decision: Microstar v. Formgen, Inc., 942 F. Supp. 1312 (S.D. Cal. 1996) (copying from a computer game); Hill v. Gateway 2000, Inc., 105 F.3rd 1147 (7th Cir.), cert. denied, 522 U.S. 808, 118 S.Ct. 47, 139 L.Ed.2d 13 (1997) (shrinkwrap license sent with a Gateway computer); Brower v. Gateway 2000, Inc., 246 A.D.2d 246, 676 N.Y.S.2d 569, 37 U.C.C. Rep. Serv. 2d (CBC) 54 (N.Y. App. Div. 1st Dep’t 1998) (allowed Gateway 2000 to require that any disputes be resolved by arbitration in Chicago, Illinois); and Mortenson Co., Inc. v. Timberline Software Corp., 93 Wash. App. 819, 831, 970 P.2d 803, 809 (1999) (upheld a shrinkwrap license agreement, included in the software, which was fairly standard and contained an “accept-or-return” provision).(3)

b.         Note that Section 112 of the Uniform Computer Information Transactions Act (UCITA), discussed infra, would modify ProCD somewhat because UCITA provides that where a mass-market purchaser licensee does not have an opportunity to review a mass-market license or a copy of it before becoming obligated to pay and does not agree, to the license after having the opportunity to review it, the licensee is entitled to return the product and (1) is entitled to reimbursement of any reasonable expenses incurred in complying with the licensor’s instructions for return or destruction of the computer information or, in the absence of instructions, incurred for return postage or similar reasonable expense in returning it; and, in some circumstances, (2) is entitled to compensation for any reasonable and foreseeable costs of restoring the licensee’s system. See UCITA Section 112.

A case which tangentially addressed the shrinkwrap issue is Step-Saver Sys. v. Wyse Tech. and The Software Link, 939 F.2d 91 (3rd Cir. 1991), where the Court applied the “battle of the forms” rules and determined that the parties’ agreement was complete when the goods were ordered via telephone coupled with the purchase order. The Court held that the shrinkwrap license was sent after the fact and thus had no effect. The Software Link’s shrinkwrap license was also held unenforceable for the same reason in Arizona Retail Sys., Inc. v. The Software Link, 831 F. Supp. 759 (D. Ariz. 1993).

3.       Generally, it appeared that the copyright pre-emption barrier raised in Vault Corp., supra, had been buried by ProCD and its progeny. However, in a case involving claims relating to the pitching of a marketing concept (which did not involve any kind of online agreement but could have repercussions in the online context), the United States District Court for the Western District of Michigan held that the claim was pre-empted by copyright law. See Wrench, LLC v. Taco Bell Corp., 51 F. Supp. 2d 840 (W.D. Mich. 1999), 51 U.S.P.Q.2d (BNA) 1238. The Court denied the claim of a company that had pitched the Chihuahua concept to Taco Bell and claimed Taco Bell used the concept without paying for it. The Court held that any implied contract was pre-empted by copyright law. The Court distinguished ProCD on the somewhat nebulous grounds that the ProCD agreement was in effect at the time of purchase (i.e. before use of the product) whereas the Taco Bell agreement was not supposed to take effect unless Taco Bell started using the Chihuahua concept (i.e. after use of the concept). Note that use or copying of a product (i.e. a copyrighted item) is the same action which triggers liability under copyright law. This case is in line with an earlier Louisiana case regarding shrinkwrap licenses: Vault Corp., supra.

B.      Signed Writings

Both clickwrap agreements and e-mail exchanges may cover transactions where signed writings are required under the applicable statute of frauds. A number of states now have some kind of a digital signature act. Most of these acts require that, to satisfy any statute of frauds, the electronic signature must be:

1.       Unique to the person using it,

2.       Capable of verification, and

3.       Under the sole control of the person using it.

See, e.g., Georgia Electronic and Signatures Act at O.C.G.A. §10-12-3 et seq. as originally enacted; the Utah Digital Signatures Act, Utah Code Ann. §46-3-101, et seq. (Supp. 1996). Before the enactment of O.C.G.A. §10-12-3 et seq., an argument could be made in Georgia that anything intended to be a signature would constitute a signature. See, e.g., Troutt v. Nash AMC-Jeep, Inc., 157 Ga. App. 399, 278 S.E.2d 54 (1981), which held that the printing of a company name at the bottom of a form constituted a signature, permitting a car dealer to meet certain state law requirements of providing a signed form. The latest developments in this area are discussed below.

1.       The newest version of Georgia’s statute, (4) Electronic Records and Signatures, which provides for broad acceptance of electronic signatures, reads, in pertinent part, as follows:

(a)        Records and signatures shall not be denied legal effect or validity solely on the grounds that they are electronic.

(b)        In any legal proceeding, an electronic record or electronic signature shall not be inadmissible as evidence solely on the basis that it is electronic.

(c)        When a rule of law requires a writing, an electronic record satisfies that rule of law.

(d)       When a rule of law requires a signature, an electronic signature satisfies that rule of law.

(e)        When a rule of law requires an original record or signature, an electronic record or electronic signature shall satisfy such rule of law.

(f)        Nothing in this Code section shall prevent a party from contesting an electronic record or signature on the basis of fraud.

O.C.G.A. §10-12-4 provides further as follows:

The term “electronic signature” is defined as “a signature created, transmitted, received, or stored by electronic means and includes but is not limited to a secure electronic signature.”(5) O.C.G.A. §10-12-3. The term “record” is defined as “information created, transmitted, received, or stored either in human perceivable form or in a form that is retrievable in human perceivable form.” O.C.G.A. §10-12-3.

2.       The proposed Uniform Electronic Transactions Act (UETA), which provides that “an electronic record or signature may not be denied legal effect or enforceability solely because it is in electronic form” and that “if a law requires a record to be in writing, an electronic record satisfies the law”(6) has been approved by the National Conference of Commissioners on Uniform State Laws, and the Conference has voted to present the Act to states for adoption. (7)

The Electronic Transactions Act has been passed in California. California’s Governor signed the Uniform Electronic Transactions Act on September 16, 1999, and it was chaptered (Chapter No. 428) by the Secretary of State on the same date. See CA S.B. 820.

3.       The Uniform Computer Information Transactions Act (former proposed UCC Article 2B). The legal rules for computer information transactions which was to be promulgated by the National Conference of Commissioners on Uniform State Laws (8) as Article 2B of the Uniform Commercial Code, instead is being proposed as the Uniform Computer Information Transactions Act (UCITA).(9) The Act is the first general commercial statute to provide comprehensive procedures and rules for computer software licensing. Most of those rules would also be appropriate for a broad range of transactions outside UCITA’s scope, and it is expected that they will form the model for several future articles of the UCC as they did for the Uniform Electronic Transactions Act (UETA), which was approved at the same time.(10) The provisions include:

an express recognition of electronic records as the equivalent of writings, rules for attribution of electronically generated messages, methods for establishing authentication, rules for allocating losses caused by electronic errors, and rules for determining when electronic messages are deemed to be effective. A particularly noteworthy provision recognizes the enforceability of agreements made by the interaction of “electronic agents,” even if no human was directly involved in either or both sides of the “negotiation.” (11)

Software publishers and computer manufacturers strongly support UCITA, but it is as strongly opposed by a wide range of groups. UCITA is controversial because:

UCITA represents a movement toward licensing of information in its many forms and away from the sale of copies as traditionally understood under copyright law. UCITA would enforce the broad [consumer] use of “shrink-wrap” and computer “click-on” licenses (called “mass-market licenses” in UCITA). By licensing rather than selling something, a vendor can wield more control of the downstream use of the product. Placing new constraints on the use of information in mass-market transactions can, in turn, constrain the use of information for important public purposes such as democratic speech, education, scientific research, and cultural exchange. Many believe that UCITA fails to appreciate the strong public interest in prohibiting new restrictions on information exchange.

The scope of UCITA is extremely broad. “Computer information,” under UCITA, includes everything from copyrighted expression, such as stories, computer programs, images, music and Web pages; to other traditional forms of intellectual property such as patents, trade secrets, and trademarks; to newer digital creations such as online databases and interactive games. Although the statute claims to be limited to information in electronic form, it allows other transactions to “opt-in” to being governed by UCITA.

Many legal community commentators are of the opinion that UCITA (or something like it) is not necessary or, at least, it is premature. This view is based on the opinion that existing common law and copyright law are developing appropriately to handle the new types of information-based transactions emerging in the information economy.

The American Law Institute (ALI), consumer advocacy groups, libraries, and the Federal Trade Commission have continued to criticize and/or oppose the UCITA proposal and prior UCC 2B drafts, yet their concerns have not been addressed. Instead, NCCUSL intends to push the UCITA proposal as quickly as possible to state legislatures.

A Quick Look at the Uniform Computer Information Transactions Act (UCITA), American Association of Law Libraries: Washington Affairs, July 15, 1999.(12)

4.         Ballas v. Tedesco, 41 F.Supp. 2d 531 (D.N.J. 1999). This case addresses the issue of whether an exchange of e-mails can satisfy the requirement that assignments of copyrights are not effective unless they are in writing and signed by the transferor. See, Copyright Act §201(d). In this case, Tedesco wanted to produce a CD of dance music for Ballas. Ballas would pay Tedesco a fee for the musical arrangements and production of the CD, and Ballas would have the exclusive right to manufacture copies of the CD for sale. Negotiations, via e-mail, were unsuccessful, and the parties did not agree on terms of the arrangement. The parties agreed that the music content copyright belonged to the Defendant. The Court enjoined the Plaintiff from making or selling the music on the CD because the Court found that there was no valid assignment of the copyright since there was no written assignment.

III.    Spam (13)

A.        Spam cases

1.         Hartford House, Ltd. d/b/a/ Blue Mountain Arts v. Microsoft Corp., CV 778550, Sup. Ct. Cal. Santa Clara County, 1998. Blue Mountain creates and sends electronic greeting cards. In this lawsuit, Blue Mountain charged that (1) Microsoft has a competing electronic greeting card Internet site and (2) Microsoft distributed a trial version of Internet Explorer which includes an e-mail filter that identifies Blue Mountain’s cards as spam and sends them into a junk mail folder instead of sending them to the intended recipient. On December 17, 1998, Judge Robert Baines ordered Microsoft to provide Blue Mountain with the necessary information to enable Blue Mountain to alter its e-mail notification messages and greeting cards to ensure that they pass through Microsoft’s anti-spam filtering tool in the beta version of Internet Explorer 5.0. (14)

2.         Intel v. Hamidi, Superior Court of California, County of Sacramento, Judge John R. Lewis, April, 1999. Ken Hamidi was dismissed from Intel in 1995. On six occasions between 1996 and 1998, he sent e-mail messages to over 30,000 Intel employees, which detailed his opinion of the company’s abusive and discriminatory employment practices. In April, 1999, Judge Lewis granted summary judgment to Intel, finding that Hamidi’s messages trespassed on Intel’s proprietary computer system and caused harm. This decision has been criticized (15) because (1) although there was arguably no state action,(16) Judge Lewis did not engage in any First Amendment analysis and (2) given the serious purpose of Hamidi’s messages and the minimal harm they caused to Intel’s computers, Hamidi’s free speech rights should prevail over Intel’s property rights in a fair balancing test.

3.         The Tenth Circuit, in U.S. West v. FCC, 182 F.3d 1224 (10th Cir. 1999), held that U.S. West could not be blocked by an FCC rule from using information obtained from customers regarding who the customers called, and other similar data, for marketing to those individuals because such prohibition was “a violation of the First Amendment.” The Court reasoned that such use constituted commercial speech, applied the First Amendment commercial speech analysis, and held that the proposed FCC rule was unconstitutional. The test (17) was as follows:

First, determine whether the commercial speech concerns lawful activity and is not misleading. If so, the speech can only be restricted if:

(1)        the government has a substantial state interest in regulating the speech;

(2)        the regulation directly and materially advances that interest; and

(3)        the regulation is no more extensive than necessary to serve the governmental interests.

Surprisingly, the Court found that the rule was not narrowly tailored because it did not do such things as allow phone customers to opt in or opt out (assuming that there is a serious desire by telephone company customers to have their personal calls tracked and used for marketing purposes). This indicates that some anti-spam statutes may violate free speech if they completely prohibit spam without considering other alternatives.

This case is troubling because:

(1)        it allows telephone companies that track customer calls to use that information to market to those customers, and

(2)        this analysis could support a First Amendment right to send spam.

As in other spam cases, U.S. West involves a “captive,” as opposed to a “voluntary,” audience. (18)

To date, the cases that have held spam to be illegal involved claims of Internet Service Providers and Intel,(19) that spam is a form of trespass. This analysis of spam as a trespass is not as vulnerable to a First Amendment attack as a state or federal statute prohibiting spam. See, e.g., CompuServe, Inc. v. Cyber Promotions, Inc., 962 F. Supp. 1015 (S.D. Ohio 1997) (holding that a private company’s motion seeking a court to enjoin “spam trespass” did not constitute state action subject to a First Amendment attack).(20)

B.        Federal Legislation

A proposed federal statute regarding unsolicited bulk e-mail was introduced in the House on May 5, 1999: Internet Freedom Act, 106 H.R. 1686. (21) This Act, in proposed Section 104, entitled “Protection from Fraudulent Unsolicited E-Mail,” would amend 18 U.S.C. § 1030 such that, inter alia, it would be a violation of the Act to “intentionally and without authorization initiate the transmission of a bulk unsolicited electronic mail message to a protected computer with knowledge that such message falsifies an Internet domain,(22) header information, date or time stamp, originating e-mail address or other identifier” or to sell or distribute a computer program which (a) “is designed or produced primarily for the purpose of concealing the source or routing information of bulk unsolicited electronic mail messages (23) in a manner prohibited by” the Act, (b) “has only limited commercially significant purpose or use other than to conceal such source or routing information,” or (c) “is marketed by the violator or another person acting in concert with the violator and with the violator’s knowledge for use in concealing the source or routing information of such messages.” The Act provides for the following potential damages for various offenses: injunctive relief and other equitable relief, actual monetary losses, statutory damages of $15,000 per violation or an amount of up to $10 per message per violation, whichever is greater; reasonable attorneys’ fees, and other litigation costs.

C.        State Legislation

Some states have passed laws regarding unsolicited e-mail.

1.         Washington State: Wash. Rev. Code § 19.190.020 (1999), entitled “Unsolicited or Misleading Electronic Mail — Prohibition,” provides as follows:

(1)        No person, corporation, partnership, or association may initiate the transmission of a commercial electronic mail message from a computer located in Washington or to an electronic mail address that the sender knows, or has reason to know, is held by a Washington resident that:

(a)        Uses a third party’s Internet domain name without permission of the third party, or otherwise misrepresents any information in identifying the point of origin or the transmission path of a commercial electronic mail message; or

(b)        Contains false or misleading information in the subject line.

(2)        For purposes of this section, a person, corporation, partnership, or association knows that the intended recipient of a commercial electronic mail message is a Washington resident if that information is available, upon request, from the registrant of the Internet domain name contained in the recipient’s electronic mail address.

2.         Nevada’s statute focuses on spam which contains advertisements. Nev. Rev. Stat. 41.730, entitled “Liability of Persons Who Transmit Items of Electronic Mail That Include Advertisements,” provides:

1.         Except as otherwise provided in Nev. Rev. Stat. 41.735, (24) if a person transmits or causes to be transmitted to a recipient an item of electronic mail (25) that includes an advertisement, the person is liable to the recipient for civil damages unless:

(a)        The person has a preexisting business or personal relationship with the recipient;

(b)        The recipient has expressly consented to receive the item of electronic mail from the person; or

(c)        The advertisement is readily identifiable as promotional, or contains a statement providing that it is an advertisement, and clearly and conspicuously provides:

(1)        The legal name, complete street address and electronic mail address of the person transmitting the electronic mail; and

(2)        A notice that the recipient may decline to receive additional electronic mail that includes an advertisement from the person transmitting the electronic mail and the procedures for declining such electronic mail.

2.         If a person is liable to a recipient pursuant to subsection 1, the recipient may recover from the person:

(a)        Actual damages or damages of $10 per item of electronic mail received, whichever is greater; and

(b)        Attorney’s fees and costs.

3.         In addition to any other recovery that is allowed pursuant to subsection 2, the recipient may apply to the district court of the county in which the recipient resides for an order enjoining the person from transmitting to the recipient any other item of electronic mail that includes an advertisement.

3.         California has also passed a law dealing with unsolicited bulk e-mail (which also applies to unsolicited faxes). This California Statute requires that the sender of unsolicited advertisements advise the e-mail recipient that the e-mail is an advertisement by placing the characters “ADV:” first in the subject line and also requires that the sender provide the recipient a return address or a toll-free number where the recipient can request that the sender refrain from sending additional unsolicited e-mail. See Cal. Business & Professions Code §17538.4. (Division 7, Part 3, Chapter 1) (Deering 1999), entitled “Unsolicited fax or e-mail.”(26)

IV.     Copyright

Several recent Internet related cases and statutes involve copyright issues, including the rights to sound recordings, distribution and derivative rights, and copyright term.

A.        Legislation

The Digital Millennium Copyright Act of 1998 (105 P.L. 304; 112 Stat. 2860)

1.         Exempts Internet service providers from liability for copyright infringement under certain circumstances;

2.         Makes it illegal to circumvent technology used to prevent copyright infringement(27) and, inter alia (this provision is to take effect two (2) years from October 28, 1998);

3.         Expands the rights of owners of sound recordings to restrict performance (or in some cases receive set royalties for) of their sound recordings from what was covered by the Digital Sound Recording Act of 1995 (28) to any sound recordings provided over the Internet whether or not it is via subscription or interactive (this provision is effective as of the date of enactment).

B.        RIAA v. Diamond Multimedia Sys., Inc., 29 F. Supp. 2d 624 (C.D. Cal. 1998) aff’d, 180 F.3d 1072 (9th Cir. 1999), 51 U.S.P.Q.2d (BNA) 1115.

The Court of Appeals for the Ninth Circuit affirmed the denial of a preliminary injunction finding that Diamond Multimedia, the maker of Rio,(29) had not violated the Audio Home Recording Act of 1992 (30) with the Rio because the Rio could not make copies except from a hard drive. The Court found that such copying was not covered by the Act. However, on August 4, 1999, Diamond Multimedia and the RIAA announced that they entered into a settlement agreement. RIAA’s general counsel and senior executive vice president, Cary Sherman, stated that this “announcement makes clear that the future of the digital music marketplace will be created in the marketplace itself, enabled by initiatives like SDMI [Secure Digital Music Initiative].”(31) While the authors have not been able to obtain details of the settlement reached between RIAA and Diamond Multimedia, one can infer from what has been published that the terms probably include a requirement that Diamond incorporate technology which prevents serial copying.

C. Tasini v. New York Times Co., 1999 U.S. App. LEXIS 23360 (2d Cir. 1999).

A federal district court in New York held that making publication information accessible on Lexis-Nexis and other similar data bases “constitutes reproduction and distribution of freelance contributions as part of that particular collective work.” Tasini v. The New York Times Co., 972 F.Supp. 804 (S.D.N.Y. 1997), 43 U.S.P.Q.2D (BNA) 1801. The District Court held that the publishers were protected by a privilege afforded to publishers of “collective works” under Section 201(c) of the Copyright Act, but the Second Circuit reversed this decision in Tasini v. New York Times Co., 1999 U.S. App. LEXIS 23360 (2d Cir. 1999). The Second Circuit concluded that “the Publishers’ licensing of Authors’ works to UMI for inclusion in these databases is not within the Section 201(c) revision privilege.” Id. at *22. The Court continued:

The relevant inquiry under Section 201(c), is . . . whether the republication or redistribution of the copyrighted piece is as part of a collective work that constitutes a “revision” of the previous collective work, or even a “later collective work in the same series.” If the republication is a “new anthology” or a different collective work, it is not within the privilege. H.R. Rep. No. 94-1476, at 122-23 (1976), reprinted in 1976 U.S.C.A.A.N. 5659, 5738. Because NYTO is for present purposes at best a new anthology of innumerable editions of the Times, and at worst a new anthology of innumerable articles from these editions, it cannot be said to be a “revision” of any (or all) particular editions or to be a “later collective work in the same series.”

Id. at *22-23. Accord Ryan v. Carl Corp., 23 F. Supp. 2d 1146, 1150 (N.D. Cal. 1998), 48 U.S.P.Q.2D (BNA) 1626 (commenting that “calling the reproduction of a single article a “revision” of a collected work, however, is more strained than even a flexible interpretation can withstand” and construing Section 201(c) of the Copyright Act in the authors’ favor).

D.        Challenging the constitutionality of Sonny Bono Copyright Term Extension Act of 1998 (CTEA).(32)

The Sonny Bono Copyright Term Extension Act of 1998 has been criticized as copyright overprotection, rather than copyright extension. This Act is important to the Internet because it reduces the benefits of those Internet sites that provide digital copies of public domain works.

Some have criticized the CTEA because it offers an extension of the term of copyrights for an author or creator without any reciprocal requirement of the author or creator. Also, the CTEA delays works from entering the public domain, without any corresponding benefit to society. One such critic of the CTEA, Lawrence Lessig, the Berkman Professor of Law at Harvard Law School, has filed a lawsuit on behalf of Eldritch Press,(33) a non-profit organization that posts literary works on the Internet when they have entered the public domain.(34)

Article I, Section 8 of the United States Constitution states that Congress may “promote the Progress of Science and useful arts, by securing for limited times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries” (emphasis added). In 1790, this limited time period of copyright was twenty-eight years. Subsequently, Congress enacted a series of extensions, which provide for copyright terms of up to seventy-five years. These extensions retroactively extended the copyright for works which were written many years ago that would otherwise soon enter the public domain.(35) The Sonny Bono Copyright Term Extension Act of 1998 has again retroactively extended the copyright terms; this extension is challenged in the Eldritch lawsuit. The plaintiffs argue that (1) the retroactive extension in the Sonny Bono Copyright Extension Act violates the constitutional “limited times” requirement for constitutional exclusive rights to “writings and discoveries” and (2) the retroactive and prospective extensions violate the First Amendment because they suppress speech without promoting any respective governmental interests. The Sonny Bono Copyright Extension Act has also been criticized by some as merely a vehicle which Disney (which lobbied for the Act) will benefit from, because Mickey Mouse would have entered the public domain in 2004. Under the Sonny Bono Act, however, Mickey will remain Disney’s copyright until 2023.(36)

V.      Domain Names and Marks

Domain names give an entity an Internet identity and enable the public to locate an entity on the Internet.

A.        Case law Registration of a competitor’s mark as a domain name (hijacking) was held to be legal in Juno Online Servs., L.P. v. Juno Lighting, Inc., 979 F.Supp. 684 (N.D. Ill. 1997), 44 U.S.P.Q.2D (BNA) 1913.

B.        Playboy Enters., Inc. v. Welles, 7 F.Supp.2d 1098 (S.D. Ca. 1998), 47 U.S.P.Q.2D (BNA) 1186, aff’d, 1998 U.S. App. LEXIS 27739 (9th Cir. 1998). A former playmate was permitted to state her association with Playboy (PEI)(37) on her own Web site. The heading of the defendant’s Web site is “Terri Welles–Playmate of the Year 1981,” and title of the link page is “Terri Welles–Playboy Playmate of the Year 1981.” Each of the pages uses “PMOY ’81” as a repeating watermark in the background. According to defendant, eleven of the fifteen free Web pages include a disclaimer at the bottom of the pages which indicates that the Web site is not endorsed by Playboy. Id. at 1100. Playboy moved for a preliminary injunction which would enjoin defendant from (1) using the trademarked term “Playmate of the Year” in the title of the home page and the link page; (2) from using the watermark “PMOY ’81” in the background; and (3) from using the trademarked terms “Playboy’ and ‘Playmate” in the meta-tagging of defendant’s site. The Court denied a preliminary injunction because the trademarks that defendant uses, and the manner in which she uses them, describe her and identify her. Therefore the Court held that the defendant has made a “fair use” of these marks(38) and her site was not confusingly similar to Playboy’s site.

C.        Playboy Enters., Inc. v. Netscape Communications Corp., 55 F. Supp. 2d 1070 (C.D. Ca. 1999). This case involves the sale of online banner ads keyed to specific search terms: “playboy” and “playmate.” The Court ruled that the terms “playboy” and “playmate” are generic and that Playboy has no monopoly on those words in all forms. Consequently, the Court denied Playboy’s request for a preliminary injunction against Excite, Inc. and Netscape Communications Corporation finding that the sale of those search keywords to third-party advertisers which operate adult entertainment sites does not constitute trademark infringement or dilution.

D. Avery Dennison Corp. v. Sumpton, 1999
U.S. App. LEXIS 19954 (9th Cir. 1999) 51 U.S.P.Q.2D (BNA) 1801. This was an appeal of a case in which an entity which maintained domain registrations for individual names that included among other surnames, “Avery.net” and “Dennison.net” was held not to have diluted the “Avery Dennison” mark. The Ninth Circuit reversed the District Court’s holding that there was dilution. The Ninth Circuit held that:

1.         The Avery Dennison mark was not famous because it was not “truly prominent and renowned” so that even marks “with such powerful consumer associations and even non-competing users can impinge on their value.” Avery, 1999 U.S. App. LEXIS 19954, *13. The Court pointed out that there were many registrations of marks and uses of the marks “Avery” and “Dennison” by others, and this factor weighs against those being famous marks.

2.         The Court also said that although “an intent to arbitrage” constituted a commercial use, an intent to “capitalize on the surname status of ‘Avery’ and ‘Dennison’ did not constitute a commercial use of a mark.” Id. at *30.

E.        Anti-Cybersquatting Consumer Protection Act

The United States Senate has passed a proposed act, entitled the Anti-Cybersquatting Consumer Protection Act (S. 1255), which would:

1.         Allow the bringing of an in rem action(39) against the domain name that had been registered in violation of the Act; and

2.         Permit recovery for cybersquatting, i.e. allow trademark holders to obtain civil damages from those who register domain name identifiers which are identical or similar to their mark: the trademark holder can recover damages of at least $1,000.00, but not more than $100,000.000 per domain name identifier.

F.         Ringling Bros.-Barnum & Bailey Combined Shows v. Utah Div. of Travel Dev., 170 F.3d 449 (4th Cir. 1999), 50 U.S.P.Q.2d (BNA) 1065, held that Ringling Brothers could not prevent Utah from using “The Greatest Snow on Earth” as a slogan for Utah’s winter sports attractions because the Federal Anti-Dilution law was held to require a showing of “actual economic harm” to the famous marks’ economic value by lessening its former selling power as an advertising agent for its goods or services. Proof of this harm should be demonstrated by surveys and showing actual loss.

G.        The First Circuit, in I.P. Lund Trading A.P.S. v. Kohler Co., 163 F.3d 27, 49 U.S.P.Q.2d (BNA) 1225 (1st Cir. 1998), specifically rejected the “lessening of demand for the product” test that had been applied by the Fourth Circuit in the Ringling Brothers case.

H.        ICANN

ICANN is the new non-profit body responsible for domain name system management, IP address allocation, and related functions. ICANN was established last year to (a) phase out the government’s involvement in the domain name system and (b) to end the monopoly held by Network Solutions Inc. (Nasdaq: NSOL), by opening up the registration of such popular domains as “.com” and “.net” to additional companies. In the past year:

1.         An Internet tax ICANN sought to impose was rejected. ICANN had funding problems and sought to impose a charge on all new Internet domain names payable to ICANN. A Congressional committee started an investigation and ICANN backed down on this.

2.         Open meetings were initiated. ICANN was originally holding closed-door meetings. Criticisms erupted and ICANN appears to have changed its procedures and now holds open meetings.

3.         Criticism by Ralph Nadar’s organization:

Ralph Nader, a consumer rights advocate, challenges how ICANN’s power is controlled and proposes “that the group’s authority should be based on a multilateral government charter that clearly defines and limits the organization’s authority.” He has previously criticized the “beleaguered organization for catering to corporate interests and overextending its authority.”(40)

a.         Nader argues that the right to have an Internet domain name should be considered on par with the right to have a street address, a phone number, or a name.

b.         Nader wants ICANN’s internal documents and budget available to the public.

c.         Nader invites public comment to his thirteen point proposal(41) at mailto:ralph@essential.

4.         An additional controversy exists regarding the registration of domain names. A number of entrepreneurs have also tried to change the organization of the domain naming systems by allowing for the private ownership of new top level domain names. Their proposal is that private companies that create a top level domain name and are able to obtain market acceptance of it should own the rights to register and run the registry of those domain names. Although the White House at one time appeared to favor this approach, ICANN has, to date, rejected any such proposal.

5.         The U.S.P.T.O. weighs in. The “Green Paper” and the “White Paper” were drafted under Ira Magaziner’s direction when he was in the White House. Mr. Magaziner appeared to be somewhat sympathetic to the proposed market-oriented approach for adding top level domain names. Becky Burr,(42) at the Department of Commerce, now appears to be in charge of policies regarding these issues and seems opposed to the marketing approach of adding top level domain names.

The U.S.P.T.O., as of May 18, 1999, allows the registration of second level domain names stating on its Web site at http://www.uspto.gov/web/offices/tac/domain/tmdomain.htm:

An Internet domain name that is used to identify and distinguish the goods and/or services of one person, from the goods of and/or services of others, and to indicate the source of the goods and/or services may be registered as a trademark in the U.S.P.T.O.

On the other hand, the U.S.P.T.O. is hostile to the registration of top level domain names stating in its policy dated September 29, 1999 in Guide No. 2-99 available at http://www.uspto.gov/web/offices/tac/notices/guide299.htm:

If a mark is composed solely of a TLD for “domain name registry services” (e.g., the services currently provided by Network Solutions, Inc. of registering .com domain names), registration should be refused under Trademark Act §§1, 2, 3 and 45, 15 U.S.C. §§1051, 1052, 1053 and 1127, on the ground that it the TLD would not be perceived as a mark. The examining attorney should include evidence from the NEXIS® database, the Internet, or other sources to show that the proposed mark is currently used as a TLD or is under consideration as a new TLD.

If the TLD merely describes the subject or user of the domain space, registration should be refused under Trademark Act §2(e)(1), 15 U.S.C. §2(e)(1), on the ground that the TLD is merely descriptive of the registry services.

The U.S.P.T.O. has also rejected applications to register proposed top level domain names for services other than just “domain name registry services.” The writers are unaware of the U.S.P.T.O. granting any registrations of proposed top level domain names to date regardless of the services with which those proposed domain names are associated.

VI.     Privacy

The latest developments concerning privacy on the Internet relate to the passage of the Children’s Online Privacy Protection Act of 1998 and the effect of the European Privacy Directive.

A.        Legislation

The Children’s Online Privacy Protection Act of 1998 (COPPA), 64 Fed. Reg. 22750 (April 27, 1999), forbids the collection and distribution of minors’ personal information(43) without parental consent and restricts distribution and use of that information. This Act is intended to provide protection to the individually identifiable data of children as collected by Internet Service Providers or Web site operators. The Act is supposed to be implemented by FTC rules which should be in place between eighteen and thirty months from COPPA’s enactment. The FTC has not yet issued any final rules, but interim rules were proposed on April 20, 1999:

Of particular importance is the COPPA requirement that, with certain exceptions, Web sites obtain “verifiable parental consent” before collecting, using, or disclosing personal information from children. Section 312.5 of the proposed rule sets forth this requirement along with the following performance standard:

An operator must make reasonable efforts to obtain verifiable parental consent, taking into consideration available technology. Any method to obtain verifiable consent must be reasonably calculated, in light of available technology, to ensure that the person providing consent is the child’s parent. (64 Fed. Reg. 22756)

In its discussion of this section, the Commission identified a number of methods an operator might use to obtain verifiable parental consent, including a print-and-send form signed by the parent and mailed or faxed to the Web site; a credit-card transaction initiated by the parent; a call made by the parent to a toll-free number; or an e-mail accompanied by the parent’s valid digital signature. The Commission also solicited comment on whether there are other e-mail based mechanisms that could provide sufficient assurance that the person providing consent is the child’s parent. (64 Fed. Reg. 22756, 22762) (44)

B.        European Union Privacy Directive

The European Union (EU), in its European Union Privacy Directive,(45) has granted broad rights to individuals about whom personal information is collected and stored in databases. This EU position, based on the idea that privacy is a fundamental human right, is more rigorous than the United States’ position, which does not provide as extensive access to individuals to review this kind of information and has relatively few restrictions on the use of such personal information.(46) This conflict between the EU position and the US position has threatened international electronic commerce.(47) Therefore, the US Department of Commerce negotiated with EU representatives and proposed safe harbor principles for American companies to use in determining whether they comply with EU data protection laws.(48) The “safe harbor” arrangement is expected to be finalized in the fall of 1999. (49)

Major companies are now requiring sites in which they advertise to meet these standards and the proposed safe harbor provision. For example, IBM’s policy(50) on personal information states that it will inform the consumer how it will use the personal information collected:

At IBM, we intend to give you as much control as possible over your personal information. In general, you can visit IBM on the Web without telling us who you are or revealing any information about yourself. There are times, however, when we may need information from you, such as your name and address. It is our intent to let you know before we collect personal information from you on the Internet.

If you choose to give us personal information via the Internet that we or our business partners may need — to correspond with you, process an order or provide you with a subscription, for example – it is our intent to let you know how we will use such information. If you tell us that you do not wish to have this information used as a basis for further contact with you, we will respect your wishes. We do keep track of the domains from which people visit us. We analyze this data for trends and statistics, and then we discard it.

VII.        First Amendment: Child Online Protection Act

The Child Online Protection Act was held unconstitutional in ACLU v. Reno, 1998 U.S. District Lexis 18546 (E.D. Pa. 1998) and ACLU v. Reno, 31 F.Supp. 2d 473 (E.D. Pa. 1999), but there have not been any decisions from the appellate level yet.

VIII.      Jurisdictional Issues

A.        There have also been some interesting recent cases relating to jurisdiction. First, according to the Internet Newsletter, August 1999, a New York trial court has held that a gambling site in Antigua that would not allow gambling on the site if anyone gave an address in a state that prohibited gambling but did not take any other further steps to verify the address’ accuracy constituted a violation of New York State’s prohibitions on gambling and the Federal Wire Act, the Travel Act, and the Interstate Transportation of Wagering Paraphernalia Act. People v. World Interactive Gaming Corp., N.Y. Sup. Ct., N.Y. Co. (July 24, 1999).

B.        Coastal Video Communications Corp. v. Staywell Corp., 1999 U.S. Dist. LEXIS 11827 (E.D. Va. 1999). In a copyright case where one company alleged that its employee handbook had been infringed by another company, the District Court held that whether there was long-arm statute jurisdiction depended on whether the defendant had actually sold its publication, not just attempted to sell its publication, in Virginia. The Court also said that even if such copies were sold in Virginia, that would not be enough to grant specific jurisdiction in that case because the declaratory judgment action that had been filed does not “arise from the sale of the defendant’s publication” but rather from its very existence. Perhaps the lesson from this case, if you desire to get jurisdiction, is to file an infringement action in a copyright case instead of a declaratory judgment.

C.        Where a Virginia resident sued out of state defendants for posting allegedly defamatory material (one defendant posted the material on servers in Virginia via “AOL” and the other defendant posted the material on servers outside Virginia but was held by the Court to be doing business in Virginia from its Web site), a District Court for the Eastern District of Virginia held that there was a tort in the State of Virginia, and there were sufficient minimum contacts to allow for jurisdiction. Bochan v. LaFontaine, 1999 U.S. Dist. LEXIS 8253 (E.D. Va. 1999).

D.        In a similar case, Melvin v. Doe, Cir. Ct. of Loudoun County, Civil No. 21942 (June 24, 1999), a Virginia Court held that where both the plaintiff and the defendant were Pennsylvania residents, even though a tort may have occurred in Virginia by defamatory material being placed on the AOL server in Virginia, there were not sufficient minimum contacts to meet the jurisdiction requirements for personal jurisdiction.

E.         In Mink v. AAAA Dev., 1999 U.S. App. LEXIS 22783 (5th Cir. 1999), the Fifth Circuit articulated a structure for determining when a court can assume jurisdiction of a company with a presence in cyberspace.

1.         The Fifth Circuit followed the sliding scale in Zippos Mfg. Co. v. Zippo Dot Com, 952 F. Supp. 1119, 1124 (W.D. Pa. 1997), setting out three levels of Internet business. (51)

a.         First, companies which merely advertise or post information about their business on the Internet with “passive” Web sites cannot be sued out of state simply because they maintain the Web site. In Mink, the company’s Web site “provides users with a printable mail-in order form, AAAA’s toll-free telephone number, a mailing address, and an electronic mail (“e-mail”) address, [and] orders are not taken through AAAA’s website [sic]. This does not classify the website [sic] as anything more than a passive advertisement.” Mink at *7.

b.         The second category consists of companies whose Web site allows a user to exchange information with a host computer. Citing Zippos, the Court reasoned that “the exercise of jurisdiction is determined by the level of interactivity.” Mink at *7 – *8.

c.         The companies which enter into contracts with out-of-state residents that involve the “knowing and repeated transmission of computer files over the Internet,” can be sued in the home state of the out of state residents. Mink at *8 -*9.

IX.     Conclusion

We are now at the point where there are judicial precedents and/or proposed statutes resolving many previously troubling Internet issues. Future cases are likely to focus more on reconciling the conflicts between intellectual property rights and/or privacy rights, on one hand, and free speech rights, on the other hand.

END NOTES

(1) In Vault Corp. v. Quaid Software Ltd., 847 F.2d 255 (5th Cir. 1988), the Fifth Circuit, applying Louisiana law, held that the shrinkwrap license was unenforceable. In this case, the Plaintiff, Vault Corporation, developed software for Vault Corp.’s software developer customers to embed in their software to prevent their end user customers from using the software on more than one computer. When the Vault Corporation sold its software, it included a shrinkwrap license which was expressly authorized by a Louisiana statute and prohibited reverse engineering of the software. The defendant, Quaid, purchased the software and reversed engineered it. The Fifth Circuit held that the shrinkwrap license and the related statute were unenforceable because they were “pre-empted” by copyright law. The Court’s holding implies that if pre-emption does not apply, then the shrinkwrap license is enforceable. Most courts that have decided the issue have held that agreements prohibiting reverse engineering and disclosure of confidential information are not pre-empted by the Copyright Act because they involve an agreement between private consenting parties, and therefore are different from copyright which is imposed by statute. See, e.g., Computer Associates v. Altai, 982 F.2d 693 (2nd Cir. 1992).

(2) See, e.g., Feist Publications, Inc. v. Rural Telephone Company Service, 499 U.S. 340, 111 S. Ct. 1282, 113 L.Ed. 2d 358 (1991). For additional materials on copyright law, see the writers’ law firm Web site at http://www.internetlegal.com. There is some concern among commentators that to allow unlimited use of shrinkwrap and clickwrap licenses to protect material not otherwise protected by copyright law could vitiate the copyright fair use doctrine.

(3) This case also dealt with the enforceability of a limitations of remedies clause contained in a shrinkwrap license.

(4) See O.C.G.A. §10-12-2.

(5) A “secure electronic signature” is defined as “an electronic or digital method executed or adopted by a party with the intent to be bound by or to authenticate a record, which is unique to the person using it, is capable of verification, is under the sole control of the person using it, and is linked to data in such a manner that if the data are changed the electronic signature is invalidated.” O.C.G.A. §10-12-3.

(6) The Act provides, in Section 106, Legal Recognition of Electronic Records, Electronic Signatures, and Electronic Contracts

(a)        A record or signature may not be denied legal effect or enforceability solely because it is in electronic form.

(b)        A contract may not be denied legal effect or enforceability solely because an electronic record was used in its formation.

(c)        If a law requires a record to be in writing, or provides consequences if it is not, an electronic record satisfies the law.

(d)       If a law requires a signature, or provides consequences in the absence of a signature, the law is satisfied with respect to an electronic record if the electronic record includes an electronic signature.

See UETA Sections 201, 301, and 401(a) (1998 Annual Meeting Draft); Uncitral Model Articles 5, 6, and 7.

(7) A copy of the proposed Act is available online at www.law.upenn.edu/library/ulc/ulc.htm

(8) The National Conference of Commissioners on Uniform State Laws (NCCUSL) and the American Law Institute (ALI) are responsible for overseeing updates to the Uniform Commercial Code. In 1995, a committee was formed to draft a separate UCC article to specifically address software licensing and electronic commerce. Various versions have been proposed and debated. The goal is to propose a version that most, if not all, of the state legislatures will adopt.

(9) UCITA was approved by the National Conference of Commissioners on Uniform State Laws (NCCUSL) at its annual meeting in Denver at the end of July, 1999. Foster, Ed, UCITA Author Does Some Moonlighting for Money, Courtesy of Microsoft, InfoWorld: The Gripe Line, Oct. 11, 1999.

(10) Graff, George L., Controversial Computer Act Offers Major Innovations: Proposed Uniform Statute for The Information Age Is Approved, Computer Law Strategist, Aug. 1999, Vol. XVI, No. 4.

(11) Id.

(12) See also http://www.ll.georgetown.edu/allwash/UCITA2html

(13) Spam is the name given for unsolicited e-mail messages which flood the Internet. Spam generally consists of commercial advertising (sometimes for adult oriented Web sites or get-rich-quick schemes).

(14) A copy of this Order is attached as Appendix A.

(15) See William M. McSwain, The Long Arm of Cyber-Reach, 112 Harv. L. Rev. ___ (Issue 7, May, 1999).

(16) See, CompuServe, Inc. v. Cyber Promotions, Inc., 962 F.Supp. 1015 (S.D. Ohio 1997) in which the court held that enjoining the sending of spam to CompuServe’s customers was based on a trespass action that didn’t involve First Amendment considerations.

(17) See Central Hudson Gas & Elec. Corp. v. Public Serv. Comm’n of N.Y., 447 U.S. 557, 562-563, 65 L.Ed.2d 341, 100 S.Ct. 2343 (1980).

(18) Cf. Sable Communications v. FCC, 492 U.S. 115, 127-128, 109 S.Ct. 2829, 2837, 106 L.Ed.2d 93 (1989) (there is no captive audience problem where the listener of dial-a-porn must take affirmative steps to receive the communication).

(19) See Intel v. Hamidi, supra.

(20) In similar cases, the First Amendment issue was not raised. See, e.g., America Online v. IMS, 24 F. Supp. 2d 548 (E.D. Va. 1998); America Online v. Prime Data Sys., Inc., 1998 U.S. Dist. LEXIS 20226 (E.D. Va. 1998); America Online v. LCGM, Inc., 46 F. Supp. 2d 444 (E.D. Va 1998).

(21) The text is attached as Appendix B.

(22) Because this language is written broadly enough to prevent noncommercial anonymous bulk e-mailings, it arguably violates the First Amendment. See, ACLU of Georgia v. Miller, 977 F.Supp. 1228 (N.D. Ga. 1997).

(23) The Act defines the term “unsolicited electronic mail message” as “any substantially identical electronic mail message other than electronic mail initiated by any person to others with whom such person has a prior relationship, including prior business relationship, or electronic mail sent by a source to recipients where such recipients, or their designees, have at any time affirmatively requested to receive communications from that source.”

(24) Nev. Rev. Stat. 41.735 provides immunity for persons who provide users with access to a network and applies to items of electronic mail obtained voluntarily.

(25) Nev. Rev. Stat. 41.715 defines “electronic mail” as a message, a file or other information that is transmitted through a local, regional or global network, regardless of whether the message, file or other information is:

1. Viewed;

2. Stored for retrieval at a later time;

3. Printed onto paper or other similar material; or

4. Filtered or screened by a computer program that is designed or intended to filter or screen items of electronic mail.

(26) Cal. Business & Professions Code §17538.4 provides as follows:

(a) No person or entity conducting business in this state shall facsimile (fax) or cause to be faxed, or electronically mail (e-mail) or cause to be e-mailed, documents consisting of unsolicited advertising material for the lease, sale, rental, gift offer, or other disposition of any realty, goods, services, or extension of credit unless:

(1) In the case of a fax, that person or entity establishes a toll-free telephone number that a recipient of the unsolicited faxed documents may call to notify the sender not to fax the recipient any further unsolicited documents.

(2) In the case of e-mail, that person or entity establishes a toll-free telephone number or valid sender operated return e-mail address that the recipient of the unsolicited documents may call or e-mail to notify the sender not to e-mail any further unsolicited documents.

(b) All unsolicited faxed or e-mailed documents subject to this section shall include a statement informing the recipient of the toll-free telephone number that the recipient may call, or a valid return address to which the recipient may write or e-mail, as the case may be, notifying the sender not to fax or e-mail the recipient any further unsolicited documents to the fax number, or numbers, or e-mail address, or addresses, specified by the recipient.

In the case of faxed material, the statement shall be in at least nine-point type. In the case of e-mail, the statement shall be the first text in the body of the message and shall be of the same size as the majority of the text of the message.

(c) Upon notification by a recipient of his or her request not to receive any further unsolicited faxed or e-mailed documents, no person or entity conducting business in this state shall fax or cause to be faxed or e-mail or cause to be e-mailed any unsolicited documents to that recipient.

(d) In the case of e-mail, this section shall apply when the unsolicited e-mailed documents are delivered to a California resident via an electronic mail service provider’s service or equipment located in this state. For these purposes “electronic mail service provider” means any business or organization qualified to do business in this state that provides individuals, corporations, or other entities the ability to send or receive electronic mail through equipment located in this state and that is an intermediary in sending or receiving electronic mail.

(e) As used in this section, “unsolicited e-mailed documents” means any e-mailed document or documents consisting of advertising material for the lease, sale, rental, gift offer, or other disposition of any realty, goods, services, or extension of credit that meet both of the following requirements:

(1) The documents are addressed to a recipient with whom the initiator does not have an existing business or personal relationship.

(2) The documents are not sent at the request of, or with the express consent of, the recipient.

(f) As used in this section, “fax” or “cause to be faxed” or ” e-mail” or “cause to be e-mailed” does not include or refer to the transmission of any documents by a telecommunications utility or Internet service provider to the extent that the telecommunications utility or Internet service provider merely carries that transmission over its network.

(g) In the case of e-mail that consists of unsolicited advertising material for the lease, sale, rental, gift offer, or other disposition of any realty, goods, services, or extension of credit, the subject line of each and every message shall include “ADV:” as the first four characters. If these messages contain information that consists of unsolicited advertising material for the lease, sale, rental, gift offer, or other disposition of any realty, goods, services, or extension of credit, that may only be viewed, purchased, rented, leased, or held in possession by an individual 18 years of age and older, the subject line of each and every message shall include “ADV:ADLT” as the first eight characters.

(h) An employer who is the registered owner of more than one e-mail address may notify the person or entity conducting business in this state e-mailing or causing to be e-mailed, documents consisting of unsolicited advertising material for the lease, sale, rental, gift offer, or other disposition of any realty, goods, services, or extension of credit of the desire to cease e-mailing on behalf of all of the employees who may use employer-provided and employer-controlled e-mail addresses.

(i) This section, or any part of this section, shall become inoperative on and after the date that federal law is enacted that prohibits or otherwise regulates the transmission of unsolicited advertising by electronic mail (e-mail).

(27) See Digital Millenium Copyright Act, Sec. 1201. Circumvention of copyright protection systems.

(28) Digital Performance Right in Sound Recordings Act of 1995 (Public Law 104-39).

(29) The Rio portable music player is a digital audio recording device. The Rio is a small device (roughly the size of an audio cassette) with headphones that allows a user to download MP3 audio files from a computer and to listen to them elsewhere.

(30) See 17 U.S.C. §1001 et seq. (P.L. 102-563, at 4, 106 Stat. 4248).

(31) Discord Surrounding Diamond Multimedia’s Rio Player is Ended Through Settlement Agreement, The Intellectual Property Strategist, Sept. 1999, Volume 1, Number 12, at 4.

(32) See P.L. 105-298, 112 Stat. 2827.

(33) Eric Eldred founded Eldritch Press in late 1995, and initially, Eldritch Press posted works of American literature by authors such as Nathaniel Hawthorne and Henry James. Now, Eldritch Press posts new works the moment they enter the public domain. Some of the works Eldritch Press posts are out of print or are not included in library collections, and therefore they are not obtainable by the public in any other way. See How Long is Too Long? Recent Congressional Copyright Giveaway Claimed Unconstitutional at http://eldred.ne.mediaone.net/pr-1999-01-12.txt.

(34) See Eldred v. Reno, United States District Court for the District of Columbia, Case No. 1:99CV00065 JLG (filed January 11, 1999). Visit this Web site to view the pleadings in this case: http://cyber.law.harvard.edu/eldredvreno/legaldocs.html.

(35) See http://www.kingkong.demon.co.uk/ccer/ccer.htm, a site that documents all renewals of 1923 book copyrights, representing works that the Copyright Term Extension Act keeps from the public domain.

(36) Slotek, Jim, M-I-C . . . © you real soon . . . k-e-y . . ., Toronto Sun Times, Nov. 1, 1998; see also Naughton, John, Mickey Mouse Saved for Disney? Phew. What a Narrow Squeak, Guardian Unlimited, May 2, 1999.

(37) As found by the Court, Playboy Enterprises (PEI):

owns federally registered trademarks for the terms Playboy, Playmate, Playmate of the Month, and Playmate of the Year. The term Playmate of the Year is sometimes abbreviated “PMOY.” PEI does not have a federally registered trademark in the abbreviation “PMOY,” although PEI argues that “PMOY” is worthy of trademark protection because it is a well-known abbreviation for the trademark Playmate of the Year.

Playboy Enterprises, 7 F.Supp.2d 1098, 1100.

(38) The Court also found that, with respect to the meta tags, there is no trademark infringement where defendant has used Playboy’s trademarks in good faith to index the content of her Web site.

(39) This statute would allow a court to order the cancellation or forfeiture of the domain name or the transfer of the name to the owner of the trademark. It will make it possible for plaintiffs to go after domain names as a group rather than being forced to sue each of the registrants individually. See Porsche Cars North America, Inc. v. porsch.com, 51 F. Supp. 2d 707 (E.D. Va. 1999), 51 U.S.P.Q.2d (BNA)1461, in which the Court rejected Porsche’s “in rem” claim to grab control of domain names incorporating versions of the “Porsche” name to avoid having to individually sue hundreds of registrants that had registered those domain names.

(40) Mack, Jennifer, Nader Proposes Limits to ICANN, ZDNet News, Sept. 27, 1999.

(41) A framework for ICANN and DNS Management

Initial Proposals (comments welcome)

version 1.02 September 25, 1999

1. ICANN’s authority should be based upon a multilateral government charter. That Charter should define and limit ICANN’s authority.

2. The charter should be based upon a limited purpose sui generis agreement among countries that express interest in working together, and that agree that ICANN’s role should be limited to tasks essential to maintaining an efficient and reliable DNS management, and that ICANN will not be used as an instrument to promote policies relating to conduct or content on the Internet. (Additional multilateral institutions may be desired to address electronic commerce issues, but ICANN itself should not become the foundation for a vast Internet governance institution. See http://www.cptech.org/ecom/cpt-wcpo.html)

3. ICANN should not use its power over domain registration policy to exclude persons from the use of a domain on issues that are not germane to managing the DNS system of mapping IP addresses into domain names. The right to have a domain on the Internet should be considered the same as the right to have a street address, a telephone number or a person’s name.

4. ICANN should identify a membership and elect its board of directors from its membership before it makes additional policy decisions (in those areas appropriate for action by ICANN).

5. Membership should be open to anyone who uses the Internet. There should be no fee associated with membership or voting rights.

6. The records of ICANN should be open to the public. The public should have rights to documents as, similar to rights provided in the US Freedom of Information Act.

7. The meetings of ICANN should be open to the public.

8. The public should be given an annual opportunity to review and comment on the ICANN budget.

9. The budget of ICANN should be subject to review by the countries that provide the ICANN charter. Fees associated with domain registration should only be spent on activities essential to the management of the DNS system.

10. National governments should be permitted to exercise discretion over policies relating to the use of country top level domains (.fr, .uk, .us, etc.).

11. For generic top level domains (.com, .org, .net, and new gTLDs), the domain space should be declared a public resource. The registrar or registries perform services on behalf of the users of the domains, and will not own the domain space. It should be possible to replace firms engaged in registration services and DNS management, without risking the stability of the Internet.

12. On matters of public interest (in the narrow areas where ICANN will operate), such as policies regarding the use of trademarks or the privacy of domain registration information, ICANN should make recommendations to the sui generis multinational body created to manage ICANN, and the multinational body should accept, reject or modify the recommendations, after giving the public a fully adequate opportunity to review and comment on the proposals.

13. On the issue of trademarks, the Charter should explicitly protect the public’s rights to parody, criticism and free speech. For example, domain names like GM-sucks.com, which would not be confused with GM.com, should be permitted.

(42) Becky Burr is the Associate Administrator of the National Telecommunication and Information Administration, Office of International Affairs.

(43) The Act defines “personal information” to include an individual’s first and last name, home and other physical address, e-mail address, social security number, and telephone number. 1999 S. 809; 106 S. 809.

(44) See Benjamin I. Berman, Acting Secretary of the Federal Trade Commission, Federal Register Notice announcing Public Workshop on Proposed Regulations Implementing the Children’s Online Privacy Protection Act, Supplementary Information, June 23, 1999, 16 C.F.R. Part 312, Children’s Online Privacy Protection Rule at http://www.ftc.gov/os/1999/9906/kidsprivacy.htm.

(45) For the official text of the European Union Privacy Directive, see Official Journal of the European Communities of 23 November 1995 No L. 281 p. 31. For an unofficial version, visit http://www.cdt.org/privacy/eudirective/EU_Directive_.html.

(46) See, e.g., Mosceyunas, Anne K., On-Line Privacy: The Push and Pull of Self-Regulation and Law, Computer Law Section Newsletter, State Bar of Georgia, July, August, September, 1999, pp. 13-15; Cranman, Kevin A., Internet and Electronic Communication Privacy Issues: An Overview and Legislative Update, 14th Annual Computer Law Institute, Program Materials 1999, Part 10.

(47) Winn, Jane K., Digital Signatures, Smart Cards, and Electronic Payment Systems, ICLE Fourteenth Annual Computer Law Institute, Sept. 24, 1999, p. 22.

(48) See Joint Report on Data Protection Dialogue to the EU/US Summit, June 21, 1999, which is attached as Appendix C.

(49) Id.

(50) See http://www.ibm.com/privacy/.

(51) For further analysis, see Koppel, Nathan, Cyber-Ad Jurisdiction Isn’t Automatic, Texas Lawyer, Sept. 27, 1999.

The information above is provided for general educational purposes and not as legal advice. Laws in areas in which we practice change continually and also vary from jurisdiction to jurisdiction. Therefore no visitor to our site should rely on any of the articles provided for legal advice, but should always consult their own attorney regarding legal matters.

© 1999, Rob Hassett, Atlanta, Georgia. All Right Reserved.