Cops to G-20 Protesters: Use Twitter & Go to Jail.
October, 2009
Summary: On September 24th (the first day of the G-20 Summit in Pittsburgh) the Pennsylvania State Police served a search warrant on a protester (a self-styled anarchist) on the grounds that his use of Twitter to inform other protesters of the location of riot police was a crime. A criminal complaint was later filed against him. Subsequently, the FBI conducted a 16 hours search of his New York apartment and carted away a great deal of property. According to news reports, the information was also available from news reporters, helicopter live-feeds and on the police website at the time. On the other hand, the person was in a hotel room with an array of equipment, including a police scanner. So, a serious crime or a chilling (and unconstitutional) effect on free press? It turns out that, yes, use of communications devices in certain such situations can be a crime. (Full disclosure: The author is a lawyer but does not practice in criminal or First Amendment issues.)
The Details.
The details of the arrest are just now coming out (Tuesday, October 6th) so by the time this blog is posted (or you read it), more details may emerge but this is some of what has been reported. Eliot Madison and another man were in a hotel room outside of Pittsburgh on the first day of the G-20 Summit, listening to scanners and using PCs, maps and cellphones to alert protesters (who did not have a permit for their protest). Evidently, the two men were telling the protesters where the police were. According to the complaint, their crime was assisting the protesters failure to disperse.
A Brief Sidebar.
Note to all readers: In a First Amendment case (well, in any case) you cannot let your analysis be biased by your inclinations towards or revulsions towards the people claiming that defense. So, for example, let’s say you are a staunch conservative who hates anyone to the left of Tom DeLay. Suppose this had been anti-abortionists protesting and Eliot had been giving them the same information?
The Implications.
Now this is interesting at all sorts of levels. The government will have to show an intent to criminal activity—essentially some activity connecting the intent of the two groups (Madison and friend and the protesters). One can imagine the complexity of this enterprise. Did they know the recipients of their Twitter (and cellphone) messages were in fact committing a crime—and in all probability the particular crime of failing to disperse? Suppose that you receive the tweet and you pass on the information to your girlfriend who is in Pittsburgh and you have no idea if she is with the protesters? If the two guys were not aware that protesters were failing to disperse—in other words, were not aware of a crime being committed, then just what crime did they commit? If they were giving the information so that protesters could avoid bodily harm, would that be a crime? Moreover, if they were telling the protesters where the police were and giving them escape routes, then wouldn’t they have been assisting the protesters to obey the law? And what about those who sent the tweets onward? Are they co-conspirators?
Numerous analogies immediately come to mind, and with no surprise. The news helicopters were providing live video feeds of the location of the riot police, as were reporters on the ground. OK, so this is news reporting and therefore without criminal intent. But what if one of the reporters said “Those protesters better get out of there or they are going to get in trouble.” Is this the same as alerting passing motorists that a police car with radar is just around the next bend? You’ve probably read a blog that raves about some new gadget. It may well be that that the blogger has cut a deal with the manufacturer of that gadget—whether payment or simply receipt of one of the gadgets. And yet, you as the reader had no idea of that connection.
It is true that speech can be criminal. No court has ever said otherwise. The new technology now presents more conundrums in drawing reasonable lines. Watch this case wend its way through the courts.
Summary: Online advertising has been self-regulated for some time but the FTC has made it clear that it is not happy with the resulting dense legalese of TOU’s and privacy policies. They set forth new guidelines that they expect publishers to use during the next year–at which time the FTC will consider new legislation. (Please note: Various ad industry associations offered their response, which is discussed in the post below at digitaldumonde.wordpress.com/2009/07/23/new-ideas-for-online-data-collection-use-the-industry-responds-to-the-ftc/.)
Although the guidelines are only just that–guidelines–they should “guide” your revisions to your TOU’s and your privacy policy. Here is a quick summary.
I. Introduction.
The staff of the United States Federal Trade Commission (FTC) recently released a report (February 12, 2009) that will directly affect the documents governing the relationship between an online content provider and viewers/consumers-Terms of Use (TOUs), End-User License Agreements (EULAs) and Privacy Policies. The report also suggests implications for the use of private information. Please email us atjcrext@globalcaplaw.com and a copy of the report will be sent to you, or you can find it on the site of the FTC.
The report sets forth principles for self-regulation for the online advertising industry relating to online “behavioral advertising.” (The report defines behavioral advertising, which is set forth below under “Definition”). Technically, it is a supplemental report, but it has the effect of finalizing the December 2007 draft “Self-Regulatory Principles for Online Behavioral Advertising.”
It should be emphasized that these are principles for self-regulation for the online advertising industry. Arguably, this means that they are not binding, and, indeed, the report makes that clear. However (and this is an important caveat), the principles will definitely guide the enforcement actions instituted by the FTC. Moreover, it seems that the FTC is pre-disposed to initiate legislation in this area, which will probably codify much of what is found in these principles. And states often look to such reports for guidance on their legislation on privacy.
In reading the footnotes, another point emerges from the report. The FTC staff appears to believe that those who draft TOUs and privacy policies have not been keeping a close eye on the enforcement actions and decisions that the FTC staff believes to be relevant-and these include decisions that do not involve online matters but do involve clear disclosure for consumers. In fact, the report footnotes include quotes from FTC commissioners that can be summed up as the following rule:
Policies that bury relevant information and choices for consumers in legalese will do so at the peril of the publisher.
(Please note that the above rule is our language and not that of the FTC or its staff.)
II. So What?
1. Clean up These Documents. Dense legalese will probably not “pass muster” with the FTC. They are keeping a close eye on this area.
2. Consumers’ Choices Must Be Clear. Just as dense legalese is for the FTC tantamount to unacceptable (and often illegal) “fine print,” obscuring consumers’ choices is frowned upon. In particular, the report mentions “check boxes” that are already checked–something frowned upon in the report.
3. Certain Changes to Terms Must Be Affirmatively Accepted. Any material changes or “retroactive” changes (i.e., affecting policies on data already collected) must be affirmatively accepted by the site users. Prospective changes do not (yet) need such approval but it is pretty clear that the staff leans in that direction. This possibly means that the common technique of saying “Use of this site means acceptance of the terms” together with the “warning” that changes can be made at any time will not be acceptable by the FTC.
4. The PII/non-PII Distinction is Diminishing. The US approach has been to try to protect “personally identifiable information” at a higher level than that which is not personally identifiable. This differs from the European model. Now, the FTC is moving towards the European model and this is understandable. The staff understands that PII can often be gleaned from non-PII, which makes the distinction too porous. In particular, the report wishes to increase the protection of data that can identify an individual machine (PC, mobile phone, etc.), while the earlier approach was to preclude identification of an individual user.
5. Self Regulation is a Testbed and is on Probation. The FTC simply sidestepped resolving many issues, leaving it to the “industry” to try various methods. However, one can infer that “industry” has about a year before the FTC moves towards legislation.
III. The Report.
We have not included the entire (50+ page) Report, but we have quoted almost the entire conclusion, which summarizes the final version of the “Principles” of self-regulation. The numbering is directly from the Report:
A. Definition
For purposes of the Principles, online behavioral advertising means the tracking of a consumer’s online activities over time – including the searches the consumer has conducted, the web pages visited, and the content viewed – in order to deliver advertising targeted to the individual consumer’s interests. This definition is not intended to include “first party” advertising, where no data is shared with third parties, or contextual advertising, where an ad is based on a single visit to a web page or single search query.
B. Principles
1. Transparency and Consumer Control
Every website where data is collected for behavioral advertising should provide a clear, concise, consumer-friendly, and prominent statement that (1) data about consumers’ activities online is being collected at the site for use in providing advertising about products and services tailored to individual consumers’ interests, and (2) consumers can choose whether or not to have their information collected for such purpose. The website should also provide consumers with a clear, easy-to-use, and accessible method for exercising this option. Where the data collection occurs outside the traditional website context, companies should develop alternative methods of disclosure and consumer choice that meet the standards described above (i.e., clear, prominent, easy-to-use, etc.)
2. Reasonable Security, and Limited Data Retention, for Consumer Data
Any company that collects and/or stores consumer data for behavioral advertising should provide reasonable security for that data. Consistent with data security laws and the FTC’s data security enforcement actions, such protections should be based on the sensitivity of the data, the nature of a company’s business operations, the types of risks a company faces, and the reasonable protections available to a company. Companies should also retain data only as long as is necessary to fulfill a legitimate business or law enforcement need.
3. Affirmative Express Consent for Material Changes to Existing Privacy Promises
As the FTC has made clear in its enforcement and outreach efforts, a company must keep any promises that it makes with respect to how it will handle or protect consumer data, even if it decides to change its policies at a later date. Therefore, before a company can use previously collected data in a manner materially different from promises the company made when it collected the data, it should obtain affirmative express consent from affected consumers. This principle would apply in a corporate merger situation to the extent that the merger creates material changes in the way the companies collect, use, and share data.
4. Affirmative Express Consent to (or Prohibition Against) Using Sensitive Data for Behavioral Advertising
Companies should collect sensitive data for behavioral advertising only after they obtain affirmative express consent from the consumer to receive such advertising.
Summary: You might not have read it here first but you have read it here often: Courts are taking on—and deciding against—what they consider to be unfair terms in EULAs or TOUs. In this case, it was the federal district court for Northern Texas, finding that the arbitration clause was illusory. It is important to note that this case, in our opinion, does not stand alone but adds more case law attacking the terms of these online agreements. These cases are—and in particular this case is—consistent with one of the principal points central to the new FTC staff guidelines. The message: Complicated TOUs put the client at greater risk.
In Harris v. Blockbuster, the court for the Northern District of Texas held that the arbitration provision of the online agreement for the use of Blockbuster was illusory. Dicta suggest even broader implications for the decision, but that alone was enough to cause some concern (we do not yet know if there will be an appeal, though it is probable).
As far as the court was concerned the main problem with Blockbuster’s online agreement was sort of a double-whammy. The agreement stated that Blockbuster could change the provisions at any time—which would, of course, mean that changes with retroactive effect would, in the opinion of Blockbuster, be enforceable. In this case, some disputes arose and Blockbuster then added an arbitration provision, which was to apply retroactively and thus eliminate much of the risk (from a trial).
So What?
So, online agreements (what we call EULAs and TOUs) with retroactive changes inserting (or affecting) arbitration provisions will run afoul of this opinion—of course, in that district. Moreover, the opinion carries some weight with other claims about online agreements. Many online agreements—perhaps a majority, perhaps many more—have such provisions enabling the publisher (in this case Blockbuster) the right to make retroactive changes to the terms. Suddenly, then (if you believe in Chicken Little), these provisions are at risk.
Ammunition & Guidance. Really, though, the opinion builds on a string of previous opinions that, taken together, provide both substantial ammunition for plaintiffs’ assaults on these agreements and, if you think about it, guidance on what to include—and exclude—from online agreements.
It is not necessarily a bad thing. The FTC staff report gives pretty clear guidance on what can be done: If a party wants a right to changes, then they should not be retroactive and the user must have some kind of right to agree (or not) to those changes going forward.
This is not some rogue court. The cases cited include some in the Fifth Circuit and some in Texas itself. With some serious contortions and impressive legal reasoning, one could distinguish this case from the facts and holdings of those precedents. But it is not so simple.
In just the last several years, quite a few courts have taken on the online agreements. They include courts in the Ninth Circuit and in Pennsylvania. The reasoning can be distinguished but not here. They all come to a smell test: Does this really smell like a contract?
These cases fall within an even longer line of opinions regarding the nature of agreements between corporations and consumers. As the FTC staff report pointed out (with copious footnotes), “fine print” cases have a long history. And it is a history where the “victor” has swung from the consumer to corporations and back. Now, with the new administration, with the FTC’s stiffer attitude about consumer rights (rightly or wrongly), and with these cases, we can expect history’s pendulum to swing the other way.
Conclusion
Write “Gooder.” These agreements do not have to be so dense and they do not have to have such onerous terms. The right of retroactive modification was a term just waiting to be shot down. Too often, lawyers just copy and paste a TOU from another site. Or, perhaps they have to justify their legal fees on a topic that is perceived by clients as unimportant boilerplate. Whatever the reason, this case should be a shot across the bow that attorneys put their clients at greater risk with such legal intricacies as we now see in EULAs.
Perhaps we’ll get some online agreements that are actually well-drafted; that do not read like fine print; and that provide better terms. But then, we believe in the Easter Bunny, too.
AP’s Attack on “Misuse” Scores the First Points
April, 2009
Summary: In what may be a variation on the model of the RIAA campaign against illegal music downloaders, AP has launched an assault on the “free” use of news on the Internet-not just their feeds but, apparently headline links. A part of this assault is a suit in US district court in New York against All Headline News Corp., a news aggregator. That court just denied a motion to dismiss the suit, applying the principle of “hot news” to online news for the first time. One point for AP. That decision and the legal theories underpinning the “assault” are connected. Add another point for AP.
AP recently announced that it is fed up with the misuse of its news feeds–an understandable lament given that its customers (newspapers) own AP. You may be hearing echoes of the famous move, Network, and they are more than echoes. At the annual AP board meeting, the chairman, Dean Singleton said “We are mad as hell and are not going to take it anymore.”
We take no position on whether this is a good or bad thing. Many, many talking heads (“typing hands” for a new name for bloggers?) are decrying what they see as a frontal assault on the doctrine of “fair use.” We do not see it that way. We do see it as an opportunity to clarify not only the application of that doctrine online but also a way to discuss, and eventually clarify, the appropriate business models for online news and information.
A Few Details
They plan on policing the misuse of copyrighted material. How is a matter of speculation. AP has signed up with Attributor, a company with technology that can track use of digital information (stories and photos) that have a digital “fingerprint.” Armed with that information, AP could demand some portion of ad revenues from sites using the offending materials in a manner beyond the limits of the “fair use” doctrine. (You heard it here first, by the way. We wrote several weeks ago that demands by newspapers for such revenue are not unreasonable as a move to increase revenues for online newspapers.)
Fair Use May Change.
We get it. We might not support the approach (and we might also support it) but fair use has been strained to, if not beyond, the limits of credulity to justify online use of information created by others, for which the copyrights are also owned by those others. In these situations-where a legal doctrine lags too far behind market development-the doctrine becomes the focus of legal assaults and the consequences are a changed doctrine. Regrettably, the public debate on this matter has begun to take on ideological “hate” language that relies more on ad hominem attacks than reasoned analysis and argument (in the “rhetoric” sense of that word).
The First Salvo: All Headline News.
AP is going after All Headline News, a news aggregator. They have been accused of stripping attribution (including copyright notice) from AP articles and re-publishing them without any changes whatsoever. Again, we take no position on what they are doing. AHS filed a motion to dismiss, which was denied by the district court in an interesting opinion.
Why? Because the court anchored its action to the “hot news” doctrine from 1918 (an opinion from a case that arose from the start of the business of the real-life model of our favorite film character, Citizen Kane). There, news that is so “hot” (like breaking news) becomes the quasi-property of the people creating the news stories in the first place. Whatever your opinions on the doctrine, this is the first time that “hot news” has been applied to the online news world.
So What?
We discern a certain theoretical strategy behind AP’s approach, something that seems to have escaped notice with all the screaming against AP now underway. In a sense, hot news can become something of an argument against a “fair use” defense. That is not quite it-but we will leave that sentence in, anyway. Rather, finding the applicability of the doctrine, the court gave AP the basis for arguing “misappropriation.” That can become the basis of a legal theory that differs from mere infringement. In a simple manner, it can be explained that the word is the civil law equivalent of “theft” in the criminal context. Putting aside discussions of legal theories, strategies and tactics, the opening into this legal argument carries with it the potential of using “freighted” language to use in the PR battles that AP faces and will continue to face.
Information Wants to Be Free??
That rallying cry has energized much of the discourse that coincides with the explosive growth of all things digital. Whether something as diffuse as “information” can be called something singular in that context is one thing; whether it can “want” anything is another. But that’s not our point.
There might be a tectonic shift underway (OK, warning: Now we’re getting really speculative). Most obviously, the collapse of the newspaper industry alarmed people (OK, primarily the pundits and shareholders and employees but you get the point) enough for alternatives to “free” to be openly discussed as new (or recycled) business models. At an even more abstract level, the conservative interpretation of the “free” market is now in retreat (rightly or wrongly is not our point), and so also might other ideological positions that tend toward a libertarian bent. We don’t know. But we do know that AP has a fight ahead of it-and it is a good fight.
The outcome might not be what AP wants-or what anybody wants-but it will be a changed world because of it.
We are trying an experiment here. Rather than rewrite a post we have made on another of our blogs we have set forth the link below. That blog is for general counsel but the point is applicable to digital matters.
Here is a summary:
An article in The New York Times Magazine on Sunday March 14th on basketball provides an object lesson that you should own whatever data may emerge from any digital initiatives memorialized in a legal agreement.
