Posted on July 18, 2008 by Clifford Davidson

"Cyber-Bullies" Potentially Face Hard Time

State governments and federal prosecutors are cracking down on individuals who use the internet to harass or threaten others.  On June 30, Missouri Governor Matt Blount signed into law a measure that criminalizes online harassment.  This new law represents a marked change in the legal treatment of this form of harassment, also known as “cyber-bullying.”  Other states have enacted legislation to help stop cyber-bullies, but none has gone so far as to impose jail sentences on violators.  The Missouri law, however, criminalizes the transmission of an electronic communication for the purpose of frightening or disturbing another.  V.A.M.S. 565.091 (not yet chaptered).  Adult violators of this new law face up to 4 years in prison if they perpetrate the offense against a child.

The legislation responds to the 2006 death of 13-year old Megan Meier, who committed suicide after being harassed repeatedly on MySpace.  The harassment was allegedly perpetrated by Lori Drew, a 47-year old woman who falsely assumed the identity of a fictitious teenage boy on MySpace and posed as this character to develop an online relationship with Meier.  The girl’s suicide was allegedly prompted by disparaging comments made by Ms. Drew disguised as the teenage boy.  The tragedy outraged the Missouri community in which it occurred, but local authorities were unable to prosecute Ms. Drew because cyber-bullying was not illegal.

Continue Reading...
Tags: , ,
Posted on March 27, 2008 by Timothy P. Tobin

Consumer Advocates Target Online Behavioral Advertising: Broad Regulation Threatens to Impede Delivery of Relevant Advertising and Business Models for Free Online Content

In the wake of the December 2007 FTC statement proposing self-regulatory principles for businesses that are engaged in online behavioral targeting (click here for earlier blog post), that activity has continued to provoke consumer groups who advocate for government regulation. The legislature in New York has taken notice and is considering a first of its kind bill, the Third Party Internet Advertising Consumer's Bill of Rights Act of 2008, to regulate third parties Internet advertisers’ tracking activities. The New York legislature’s activity coincides with significant opposition in the European Union to online behavioral advertising practices.   

Online behavioral targeting is the process of tracking online users’ behavior and serving ads tailored to that behavior. While the methods vary, the primary methods used online are cookie-based, conveying to advertisers web pages a user visits. Companies may also use search data. This information is sometimes combined with demographic data such as geographic location, to help further personalize advertisements. Glossed over by consumer groups is the fact that tracking usually is conducted anonymously with data collected linked only to a computer’s Internet Protocol (IP) address, not name or other personally identifiable information. In addition, responsible Internet companies are expected to provide clear notice and opportunities for consumers not to participate in such programs. Still, consumer groups have seized on reports of Internet Service Providers contracting with companies such as Nebu-Ad, Phorm and Adzilla who use so-called “deep packet inspection” to collect data on every page a user visits rather than just those that are part of an online advertising network. 

The ongoing debate over online behavioral targeting is significant not only because such targeting enables consumers to receive ads that are more relevant and useful to them, but as the FTC has recognized, restrictions that inhibit companies’ ability to obtain advertising revenue may fundamentally affect the ability of the Internet to continue to offer valuable content for free.

Continue Reading...
Tags: , , , , , , , , , , , , , , , , , , , , , , , , ,
Posted on January 15, 2008 by Timothy P. Tobin

State Attorneys General Announce Agreement with MySpace to Protect Children Online

Yesterday, attorneys general from 49 states (all but California’s) and the District of Columbia announced a sweeping agreement with MySpace under which the company will adopt new measures to protect children online. This announcement culminates many months of negotiations between a task force of the attorneys generals led by Richard Blumenthal, the Connecticut Attorney General and Roy Cooper, the North Carolina Attorney General and is reflective of the intense pressure on web 2.0 sites to protect children online. We previously posted about that pressure, reporting on state attorneys general investigations of MySpace and Facebook here and the subsequent New York attorney general settlement with Facebook here. The new agreement with MySpace is available as an attachment to the press release on the North Carolina Attorney General’s website. 

Continue Reading...
Tags: , , , , , , , , , , , , , , , ,
Posted on December 20, 2007 by Timothy P. Tobin

FTC Staff Issues Proposed Self Regulatory Principles for Behavioral Advertising and Seeks Comment

FTC staff issued a statement today proposing four “self-regulatory” principles to guide businesses engaged in online behavioral advertising. FTC staff also seeks public comments on these principles as well as additional information on what other uses businesses are making of online tracking data. Interested parties can submit comments by February 22, 2008. 

The statement, titled “Online Behavioral Advertising: Moving the Discussion Forward to Possible Self-Regulatory Principles” follows from the FTC’s town hall meeting held in early November 2007. There, FTC considered privacy issues raised by behavioral advertising and heard from consumer interest groups and businesses’ alike.  The agenda and links to material related to the town hall meeting can be found here.    

Continue Reading...
Tags: , , , , , , , , , , ,
Posted on December 18, 2007 by Jeremy Mittman

Anonymous in Arizona? Maybe Not.

In a case of first impression, the Arizona Court of Appeals recently considered the ability of a litigant to determine the identity of an anonymous Internet user. Mobilisa, Inc v. Doe, Case No 1-CA-CV 06-0521, 2007 Ariz. App. LEXIS 225 (Ariz. Ct. App., November 27, 2007). While the Court did not require disclosure of an anonymous Internet user’s identity (as the lower court had done), it set forth a balancing test to consider whether or not the user’s identity should remain anonymous. Thus, the Arizona court recognized that there may indeed be circumstances where anonymity must fall and a user’s identity must be disclosed in litigation.

Continue Reading...
Tags:
Posted on November 1, 2007 by Brendon Tavelli

Forum Selection Clause in Website Terms of Use Binding Upon Telephone Purchaser

According to a recent federal court ruling, a telephone customer is bound by the terms of an online business’s privacy policy and terms of use to which the salesperson referred during the call. In Greer v. 1-800-Flowers.com, Inc., No. H-07-2543 (S.D. Tex. Oct. 3, 2007), the U.S. District Court for the Southern District of Texas enforced a forum selection clause contained in the website’s terms of use against a consumer who ordered flowers for his girlfriend on the telephone. Before placing his order, the plaintiff inquired as to the company’s privacy practices and a 1-800-Flowers.com representative referred him to the company’s online privacy policy. Plaintiff claimed he relied on this policy when he completed his order. The privacy policy clearly stated that it was part of the website’s terms of use, which the plaintiff did not read and which included a forum selection clause.

Continue Reading...
Tags: , , , , ,
Posted on October 17, 2007 by Timothy P. Tobin

New York Attorney General Settlement with Facebook Creates New Model to Protect Children Online

In follow-up to our earlier blog post regarding recent pressure on social networking sites from law enforcement, New York Attorney General Andrew Cuomo announced yesterday that his office had entered into a settlement with Facebook. The settlement resolves the Attorney General’s investigation of Facebook’s failure to fulfill public claims it made about protecting minors, which the Attorney General believed were deceptive acts and practices and false advertising in violation of New York consumer protection laws. Facebook did not admit to any wrongdoing.  

Continue Reading...
Tags: , , , , , , , , , , , , ,
Posted on October 17, 2007 by Timothy P. Tobin

Social Networking Sites Feel The Heat From Law Enforcement

Kids like social networking sites, most notably MySpace and Facebook. So it is not surpising that law enforcement is scrutinizing how the sites protect children. Recent subpoenas issued to Facebook by New York Attorney General Andrew Cuomo and New Jersey Attorney General Anne Milgram are illustrative.

Both subpoenas sought information about Facebook’s Internet safety and security policies. The New York subpoena, issued last month, also sought information concerning Facebook’s complaint resolution procedures. In its subpoena cover letter to Facebook, Attorney General Cuomo noted Facebook’s public representations concerning how it responds to reports of pornographic material and inappropriate contact with minors.  It also described its undercover investigation of Facebook. According to the letter, the investigation revealed pornographic and other inappropriate content readily available on the site. In addition, after investigators set up profiles as young teenage users, they received inappropriate sexual advances. The investigators filed complaints about these issues through Facebooks’ complaint procedures. The letter notes various instances of non-responsiveness or delayed response to such complaints. The New Jersey subpoena issued earlier this month, described here, sought information from Facebook concerning convicted New Jersey sex offenders that Facebook has identified as site users.  Facebook previously informed the New Jersey Attorney General it had removed sex offenders with profiles matching individuals listed on the New Jersey sex offender registry. Attorney General Milgram also sent letters to eleven other social networking sites requesting they compare their registrants against the state’s sex offender list.     

Continue Reading...
Tags: , , , , , , , , , , ,
Posted on July 26, 2007 by Clifford Davidson

Ninth Circuit Applies Pen Register and Mail Principles to Warrantless Monitoring of Internet Traffic

In a novel case, the Ninth Circuit ruled on July 6, as amended July 25, that government surveillance of Internet Protocol (“IP”) addresses visited, to/from addresses of emails, and the total volume of information sent to or from an email account does not violate the Fourth Amendment. United States v. Forrester, No. 05-50410, -- F.3d -- (9th Cir. July 6, 2007). The ruling does not affect the requirement that the government obtain a search warrant before searching the actual content of that Internet traffic. 

The defendant in United States v. Forrester, Dennis Louis Alba, was charged and convicted of various federal offenses relating to the operation of an Ecstasy-manufacturing laboratory. During the government’s investigation of Alba, it installed a device on Alba’s computer that gathered the IP addresses of the websites he visited, the to/from addresses of his emails, and the total volume of information sent to or from his email account. In his appeal, Alba contended that the surveillance constituted a warrantless search in violation of the Fourth Amendment and fell outside of the then-applicable pen register statute. The Ninth Circuit addressed the merits of Alba’s first contention, but found it unnecessary to address the second.  

The Ninth Circuit applied the Supreme Court’s analysis in Smith v. Maryland, 442 U.S. 735 (1979), in which the Court held that a pen register does not constitute a Fourth Amendment search. The Court so held because pen registers merely track phone numbers dialed and do not reveal the actual contents of conversations. Cf. Katz v. United States, 289 U.S. 347 (1967) (holding that one can have legitimate expectation of privacy in the contents of one’s phone conversations).  The Ninth Circuit reasoned that the government’s surveillance of Alba’s activity was “constitutionally indistinguishable” from surveillance via a pen register because accessing IP addresses involves the transmission and receipt of a unique identifier, which does not reveal actual content, via the third-party equipment of an internet service provider.  An Internet user therefore does not have a legitimate expectation of privacy in the IP addresses he or she accesses.

Continue Reading...
Tags: , , ,
Posted on March 7, 2007 by Timothy P. Tobin

ISP Data Retention Legislation Introduced; ISPs and Privacy Advocates Fear Broad Mandates

Last month, a group of eight Republican lawmakers introduced H.R. 837, the Internet Stopping Adults Facilitating the Exploitation of Today’s Youth (SAFETY) Act 2007. The bill would give the Attorney General very broad authority to enact rules requiring Internet Service Providers (“ISPs”) to retain records so law enforcement could access their customers’ online activities. The ostensible purpose of the bill is to give the Government greater tools to fight child pornography and terrorism. As introduced, however, there is no limitation on the scope of any Attorney General rules as long as they govern ISP record retention. The only substantive guidance the SAFETY Act provides is that the regulations, “at a minimum, require retention of records, such as the name and address of the subscriber or registered user to whom an Internet Protocol address, user identification or telephone number was assigned, in order to permit compliance with court orders that may require production of such information.” The Act would therefore result in rules requiring ISPs to at least retain logs that associate specific users with specific Internet Protocol (“IP”) addresses.  

Continue Reading...
Tags: , , , , ,