Posted on April 6, 2009 by Clifford Davidson

No Privacy Cause of Action for Od(e)ious Myspace.com Posting

According to a new, partially-published California Court of Appeal decision, there is no cause of action for invasion of privacy under the California Constitution where a plaintiff’s myspace.com posting is republished in a newspaper.   In Moreno et al. v. Hanford Sentinel, Inc., et al., F054138, slip op. (Cal. Ct. App. April 2, 2009), plaintiff Cynthia Moreno published on her myspace.com page “An ode to Coalinga,” in which she excoriated her hometown. She removed the Ode six days after she published it.

Before Ms. Moreno removed the Ode, the principal of Coalinga High passed the Ode on to the Editor of the Coalinga Record, which published the Ode, with Ms. Moreno’s first and last names, as a letter to the editor. The community reacted strongly (sometimes violently) and the Moreno family was forced to move from Coalinga. The Moreno family alleged that it suffered significant damages as a result.

The court held that Ms. Moreno’s publication of the Ode on myspace.com meant that the Ode was not private, and that Ms. Moreno’s expectation of a more limited myspace.com audience was of no consequence.  Further, the fact that she removed the Ode prior to publication in the Coalinga Record did not render the Ode private; “[t]he publication was not so obscure or transient that it was not accessed by others.”  Slip op. at 6.  Finally, the Court held that the Moreno family did not have standing to sue based on alleged invasion of Ms. Moreno’s privacy; “the right of privacy is purely personal.” Id.

It is not clear from the Court's opinion whether Ms. Moreno had protected her myspace.com page with some kind of privacy settings.  The outcome might have been different had Ms. Moreno explicitly alleged that she did so.  Because the court ruled at the demurrer stage, there was no evidence regarding that issue.

Tags: , , ,
Posted on June 30, 2008 by Scott J. Carpenter

CDA Protects MySpace from Underage User's Negligence Claim

On May 16, 2008 the U.S. Court of Appeals for the Fifth Circuit agreed with a number of other courts, holding that the Communications Decency Act (“CDA”) (47 U.S.C. Sec. 230) protects social networking websites from liability with respect to negligence claims based on third-party content published on the website and the consequences stemming from such content. In Doe v. MySpace, Inc., No. 07-50345, 2008 WL 2068064 (5th Cir. May 16, 2008), the plaintiff argued that MySpace negligently failed to implement appropriate technological safeguards to prevent the plaintiff, a 13-year-old, from registering on MySpace. The plaintiff lied in her registration materials, pretending to be 18 years old, and ignored MySpace’s warnings against sharing personal information on the website by posting her phone number. According to the plaintiff, the technological safeguards would have prevented her from meeting and being sexually assaulted by another MySpace user.

The so-called “Good Samaritan” provision of the CDA sets out, at 47 U.S.C. Sec. 230(c)(1), that     “[n]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.”  This immunity provision has been construed broadly in cases involving the publication of user-created content.  Nevertheless, in Fair Housing Council v. Roomates.com LLC, 489 F.3d 921 (9th Cir. 2007), aff’d en banc 2008 (9th Cir., April 3, 2008), the Ninth  Circuit Court of Appeals found Roommates.com was not immunized under Section 230(c) because it required every user to answer questions regarding the user’s age, sex and sexual orientation. The Ninth Circuit held that these questions allowed users to discriminate against other users in violation of the Fair Housing Act. For more information, see our blog entry here.  

In Doe v. MySpace, the Fifth Circuit found that the CDA immunized MySpace from the plaintiff’s negligence claim because it was merely the web-based publisher of third-party information, not the author of the content.  Although the plaintiff claimed that she was not seeking to hold MySpace liable as a publisher of third-party content, the court held that the plaintiff’s allegations “speak to MySpace’s role as a publisher of online third-party-generated content,” and thus the CDA applied.  he plaintiff also argued that MySpace encouraged or allowed members to post information after the profiles had been created, and therefore that MySpace would not be immunized by the CDA because it partially created the content. The court declined to review the issue as plaintiff failed to raise it in the lower court. 

Unlike Roomates.com, MySpace does not require its users to post personal information that could potentially lead to discrimination. Moreover, MySpace discourages its users from sharing of personal information on its website whereas Roommates.com made sharing personal information a requirement of using the service. 

Section 230(c) of the CDA will be addressed further in the ongoing Subway v. Quiznos case (Doctor’s Associates Inc., v. QIP Holders LLC) involving sandwich giant Subway suing rival Quiznos. The case revolves around user-generated videos created at Quiznos behest that compare Subway’s sandwiches unfavorably to Quiznos’. Quiznos claims that the videos were not created by the company and that the online posting of the videos is protected by the CDA as Quiznos was merely hosting the website. Advertisers are concerned that they will no longer be able to run contests featuring user-created content comparing their product to a competitor’s. The case will be tried in a Connecticut federal district court in 2009.

Adam Rottenberg, a summer associate in Proskauer’s Los Angeles office, contributed to this post.
Tags: , , , ,
Posted on January 15, 2008 by Timothy P. Tobin

State Attorneys General Announce Agreement with MySpace to Protect Children Online

Yesterday, attorneys general from 49 states (all but California’s) and the District of Columbia announced a sweeping agreement with MySpace under which the company will adopt new measures to protect children online. This announcement culminates many months of negotiations between a task force of the attorneys generals led by Richard Blumenthal, the Connecticut Attorney General and Roy Cooper, the North Carolina Attorney General and is reflective of the intense pressure on web 2.0 sites to protect children online. We previously posted about that pressure, reporting on state attorneys general investigations of MySpace and Facebook here and the subsequent New York attorney general settlement with Facebook here. The new agreement with MySpace is available as an attachment to the press release on the North Carolina Attorney General’s website. 

The agreement is notable for its breadth. It goes well beyond the scope of the federal Children’s Online Privacy Protection Act (“COPPA”), which applies to the collection of personal information online from children 12 and under. The agreement includes some protections designed to protect teenagers under 18 with stronger protections for those under 16. Under the agreement, MySpace will take some readily achievable operational steps and work towards certain longer term goals such as developing new procedures and tools to protect children.

The more immediate steps include the following:

  • continuing to dedicate resources to educate parents and educators on child safety online;
  • using “best efforts” to acknowledge consumer complaints within 24 hours of receipt with a follow-up of the steps taken within 72 hours;
  • retaining an “Independent Examiner” to evaluate and examine handling of complaints;
  • continuing to cooperate with law enforcement on complaints, which includes continuing the law enforcement hotline number and creating a law enforcement liaison;
  • implementing a series of operational changes including:
    • “age locking” to reduce the number of times a user can change their age above or below the 18 year old threshold;
    • age restrictions on certain website functions that make it harder for adults to contact children such as limiting the ability of users over 18 to search in school sections; limiting the ability of users under 18 to designate themselves as swingers; limiting being able to browse certain categories such as “body type”, “smoke” and “drink”; limiting group invites; and automatically designating profiles as private for those under 16;
    • an image monitoring policy with technology to hash inappropriate images;
    • limitations on tobacco and alcohol advertisements to those under 18 and 21 respectively;
    • expanded age specific classifications for events;
    • expanded reporting functionality for violations including a drop down for categories such as pornography, cyberbullying and unauthorized use;
    • enhancing safety tools for members such as the ability to set profiles to private, the ability to block others and requiring those under 18 to affirmatively consent to having reviewed posted safety tips before registration; and
    • enhanced tools for parents such as the ability to remove a child’s profile.

MySpace also has agreed to engage in the following longer term efforts:  

  • organizing an industry-wide Internet Safety Technical Task Force to develop online safety tools – specifically, improved online identity authentication tools – with quarterly reports to the attorney generals’ task force;
  • designating a senior executive to work with the task force;
  • holding regular meetings with the attorney generals to discuss website design and functionality improvement to protect children;
  • hiring a third party to build and host a database of email addresses for parents to register users under 18 (to prevent child registration at social networking sites);
  • blocking access by those under 18 to profiles related to the entertainment industry;
  • increasing staff for monitoring and increasing the use of textual searching and other technologies for monitoring.
The agreement is set forth as a statement of principles and the parties have agreed to attempt to achieve the foregoing objectives, among others. According to reports, the attorney generals and MySpace continue to differ on the feasibility of new age authentication and verification technologies. The attorneys general have not ruled out legal action in the future if sufficient progress is not achieved.
Tags: , , , , , , , , , , , , , , , ,
Posted on October 17, 2007 by Timothy P. Tobin

New York Attorney General Settlement with Facebook Creates New Model to Protect Children Online

In follow-up to our earlier blog post regarding recent pressure on social networking sites from law enforcement, New York Attorney General Andrew Cuomo announced yesterday that his office had entered into a settlement with Facebook. The settlement resolves the Attorney General’s investigation of Facebook’s failure to fulfill public claims it made about protecting minors, which the Attorney General believed were deceptive acts and practices and false advertising in violation of New York consumer protection laws. Facebook did not admit to any wrongdoing.  

The settlement is particularly noteworthy for its resulting “new model” to protect children. As set forth in the settlement agreement and settlement terms, Facebook will:

  • Disclose the newly implemented safety procedures on its website as specified by the agreement and ensure that all other public statements made by Facebook about safety are consistent with the specified language.
  • Accept complaints about nudity or pornography, harassment or unwelcome contact confidentially via hyperlinks placed throughout Facebook’s website as well as via an independent email to abuse@facebook.com.
  • Respond to and begin addressing complaints about nudity or pornography, harassment or unwelcome contact within 24 hours.
  • Report to the complainant the steps it has taken to address the complaint within 72 hours where the complaint has been submitted via an independent email to abuse@facebook.com.
  • Allow Facebook’s complaint review process to be examined by an Independent Safety and Security Examiner (ISSE), a third party approved by the New York State Attorney General’s Office, to report on Facebook’s compliance with the agreement.
  • Provide a prominent and easily accessible hyperlink to allow a Facebook user or their parent/guardian to give feedback to the Independent Safety and Security Examiner (ISSE) about Facebook’s performance in responding to complaints. 
  • Submit to the Office reports prepared by the Independent Safety and Security Examiner (ISSE) evaluating Facebook’s performance in responding to complaints. The Examiner will report bi-annually and may recommend additional safety measures concerning complaint handling, as appropriate.

Both Attorney General Cuomo and Facebook are touting the agreement as setting new industry standards to protect children. Notably, Connecticut Attorney General Richard Blumenthal, co-chair of the national social networking task force of all 50 state Attorneys General, issued a press release stating the settlement terms were not strong enough. He is urging social networking sites to increase the use of filtering technology and monitors to screen content, identity and age verification for anyone 18 and older, parental consent for anyone under 18, the hiding of children’s profiles from adults, certain restrictions on advertising to children, and other measures. In light of the settlement, the likely continued interest by law enforcement, and the potential dangers to children, social networking sites should consider assessing their security practices and policies.           
Tags: , , , , , , , , , , , , ,
Posted on October 17, 2007 by Timothy P. Tobin

Social Networking Sites Feel The Heat From Law Enforcement

Kids like social networking sites, most notably MySpace and Facebook. So it is not surpising that law enforcement is scrutinizing how the sites protect children. Recent subpoenas issued to Facebook by New York Attorney General Andrew Cuomo and New Jersey Attorney General Anne Milgram are illustrative.

Both subpoenas sought information about Facebook’s Internet safety and security policies. The New York subpoena, issued last month, also sought information concerning Facebook’s complaint resolution procedures. In its subpoena cover letter to Facebook, Attorney General Cuomo noted Facebook’s public representations concerning how it responds to reports of pornographic material and inappropriate contact with minors.  It also described its undercover investigation of Facebook. According to the letter, the investigation revealed pornographic and other inappropriate content readily available on the site. In addition, after investigators set up profiles as young teenage users, they received inappropriate sexual advances. The investigators filed complaints about these issues through Facebooks’ complaint procedures. The letter notes various instances of non-responsiveness or delayed response to such complaints. The New Jersey subpoena issued earlier this month, described here, sought information from Facebook concerning convicted New Jersey sex offenders that Facebook has identified as site users.  Facebook previously informed the New Jersey Attorney General it had removed sex offenders with profiles matching individuals listed on the New Jersey sex offender registry. Attorney General Milgram also sent letters to eleven other social networking sites requesting they compare their registrants against the state’s sex offender list.     

These actions from New York and New Jersey are the latest steps by attorneys general from all 50 states to pressure social networking sites to enhance security protocols, specifically parental controls and age verification tools because of the vulnerability of children to online predators and inappropriate content. In particular, since early last year, Richard Blumenthal, the Connecticut Attorney General and Roy Cooper, the North Carolina Attorney General, have led a task force of the attorneys general calling on social networking sites to increase protections for children. Some of the steps the task force has urged of social networking sites have included enhanced age verification tools, restrictions on the ability of children increased parental consent to allow children to make profiles available to others in the absence of parental consent, increased staff and technology dedicated to screening inappropriate content, giving parents software to block the site, and raising the minimum age of participation to 16.       

This Spring, MySpace was in the news after receiving a letter from eight attorneys general demanding information concerning registered sex offenders on its site. After initially asserting it was unable to legally comply, MySpace struck an agreement with the attorneys general about the form of the requests. MySpace later announced it had removed more than 29,000 profiles of sex offenders from its site.

North Carolina and Connecticut are among states that introduced legislation requiring age verification measures on websites. Those bills have not passed but are expected to be introduced in future legislative sessions.

Businesses developing social networking sites that may attract children should not only comply with the Children’s Online Privacy Protection Act (“COPPA”) and its regulations concerning parental consent when collecting personal information of children, but should also be aware of increased state activity that may require enhanced practices. Companies should consider scrubbing user profiles against sex offender registries and utilizing enhanced tools for age verification. Finally, companies should be sure they are not making any security representations they are not abiding by or with which they cannot comply.  
Tags: , , , , , , , , , , ,