Sunday, August 23, 2009

Full Text of Interview from Portfolio.com

I was interviewed recently by Romy Ribitzky from Portfolio.com. I posted a link on this blog several days ago. Given that the interview was considerably longer than the quotes used (understandably, charitably and without complaint), I thought I'd include the full scope of my thoughts -- yes, for what they're worth -- here.


Romy Ribitzky: Do companies have the right to dictate what an employee can and can’t do with their own, personal, online presence?

Jonathan Pink: Companies have no absolute legal right to dictate what an employee can or can’t do, and in fact some states have statutes that affirmatively prohibit an employer from taking action against employees for lawful off-duty activity. Some courts have held that these statutes do little more than reaffirm existing rights, but an argument exists that posting to blogs or social network sites would fall into the category of lawful activities protected by such statutes. Companies may try to circumvent such statutes by having employees enter into a nondisparagement agreement, a confidentiality agreement, or the like. If consideration is given for these contracts, and the parties knowingly and affirmatively assume the obligations set forth in them, companies can acquire rights not otherwise theirs to assert. That said, without such agreements, and without suggesting that employees ever have the right to engage in illegal activity, companies do not have the right to dictate what an employee can or can’t to with their own, personal online presence. Also, of course, where the employer/employee are in a at-will employment state, such as California, an employer may terminate an employment for no reason at all. This means that while an employer may not regulate otherwise legal, off work conduct absent a contractual agreement to the contrary, an employer can look at the employee’s on-line persona and decide “we really don’t want someone like that here.”

Romy Ribitzky: What legal murkiness do you enter when you encourage your employees to blog, tweet, etc. about your organization, their projects?

Jonathan Pink: Asking employees to blog, tweet, etc. about their employer can be a double-edged sword both legally and otherwise. You may recall that Comcast was the subject of some highly unfavorable bulletin-board posts, and the negative commentary posed a real PR danger to the company. One rogue employee took it upon himself to set the record straight by posting positive comments and addressing the inaccuracies that were multiplying on the web. When word reached upper-management, the immediate reaction was to reel in this employee. But the company’s CEO saw it differently, he saw the benefit of this fellow addressing the inaccuracies and posting the good word about the company. The result was, the employee was given not just the right to continue.

From a legal standpoint, having an employee in this position can also present problems. Is the employee then speaking on behalf of the company as an authorized agent? Probably, and if so, his or her statements may be attributed to the company itself. This can have unexpected and unintended ramifications. Another issue is copyright infringement. If the employee decides to lift text from another source for use on the company-sponsored blog, not only will the employee be liable for infringement, but the company too may find itself facing an infringement claim, or at the very least a Digital Millennium Copyright Act takedown notice. A tougher call would be if the employee disparaged a third party on the company sponsored blog. The Telecommunications Act of 1996 (47 USC 230(c)) may provide protection to the company, depending on whether it had control over the employee’s content, while the employee individually would have no protection.


Romy Ribitzky: What are the privacy risks with searching a candidate’s social media sites as a factor in the employment decision?

Jonathan Pink: If a prospective employee places his or her content on the web, he/she should fully expect that will be discovered by a prospective employer. If the candidate placed the content onto the web, there are few - - if any - - privacy rights he or she could claim. An interesting footnote on that point, I have a client that is a large media company head quartered in New York. The client recently mentioned that it now requires perspective employees to “friend” it on Facebook so that the HR department can have a look at would-be employees beyond what is reflected in their resumes. As long as the perspective employee agrees to this, there is nothing illegal about it. Moreover, while it may appear somewhat invasive, it also may prove very helpful in making employment decisions that save the company money down the line.

Romy Ribitzky: What privacy risks are associated with monitoring your employees on social media platforms while they’re at work?

Jonathan Pink: The general rule of thumb is that an employee has no right to privacy over anything he or she writes, posts, or retrieves from the web while using an employer’s computer. This includes emails, and Facebook posts. The employer has the right to monitor employees’ computers - - and many companies make frequent use of this right. So, in a nutshell, employees should assume that they have no privacy rights with respect to any social media platforms they interact with while at work.

Romy Ribitzky: What should you consider when developing internal social networking sites for employees?

Jonathan Pink: When developing internal social networking sites for employees, common sense and discretion should dictate the rules of the road. Obviously rules need to put into place, and followed rigorously, to protect fellow employees and company property. This means staying clear of disparaging, taunting and threatening co-workers, and using discretion before publishing non-public, company information. So, employees need to remember that what they post is public, or semi-public, and they need to “play nice.” What one employee regards as funny may be viewed by others as derogatory, insulting, threatening, inappropriate and/or offensive, any one of which could cost the posting employee his or her job. Employees should allow their conduct to be governed by the maxim “discretion is the better part of valor.” And if an employee doesn’t think he or she can live within such guidelines, they should opt-out of any participation in such a venue.

Romy Ribitzky: What are the protections companies enjoy when a third-party posts comments on their social media sites or in response to a blog, tweet, etc.

Jonathan Pink: The Internet has opened new channels of communication and self-expression. An individual’s ability to have a voice in the world has never been greater. While this is good, it also presents risks to those who write first and think later. With this in mind, when a third-party posts comments on a company’s social media sites, or in response to a blog, the most common danger is that the poster will defame another party. As with traditional print media, laws related to defamation apply in cyberspace as well.

Companies, however, may have protection for allegedly defamatory statements made by others on their site. This is because providers of interactive computer services are immune from liability for content created by third parties when sued "as the publisher or speaker of any information provided by" someone else under the Telecommunications Act of 1996 (47 U.S.C. § 230(c)).

Courts have applied Section 230(c) to a broad mix of "computer service providers." For example, courts have found that this Section shielded the publisher where third party content was posted a blog entitled “ripoffreport.com” that warned consumers about unscrupulous practices and bad service, and it has also been used as a defense to claims of negligent misrepresentation, interference with prospective advantage, unfair business practices.

Romy Ribitzky: When are companies liable for that post and how can they limit or prevent liability?

Jonathan Pink: Section 230(c), however, will not provide protection to a company where the company itself is the deemed the speaker/poster of the content. Thus, where the content was posted by an employee working in his or her capacity as a company representative, the company itself will likely be deemed the speaker, and will be held liable for comments posted.

We see something similar in the area of copyright infringement, where a company can, in some instances, be held liable for another person’s infringing post either as a direct infringer or as a party with secondary liability. Secondary liability cam be either contributory infringement and vicarious infringement. The good news is, however, that – as with claims for defamation – some additional protections exist on line that do not exist in traditional print media. In the cyber world, the safe harbor provision of the Digital Millennium Copyright Act may apply to protect a company from liability, provided it complies with all of the Act’s requirements. This means designating an agent for notification with the Copyright Office, and establishing – and posting -- a policy against repeat infringement by its readers. So, while companies may not have a duty to police their blogs for copyright infringement, they must act to remove infringing content when they are put on notice or face liability.

Romy Ribitzky: Can companies moderate user product reviews and discussions and keep its legal protections against wrongful posts from users?

Jonathan Pink: There is no easy answer to whether companies that moderate user product reviews and discussions can continue to maintain their legal protections against wrongful (e.g. defamatory) posts made by users. Courts have consistently held that 47 USC section 230(c) protects one from exercising traditional editorial controls over user-generated content. Thus, for example, deciding whether to publish, delete, or edit material should all be covered by Section 230. However, the further away a company moves from these traditional editorial functions, the more it risks losing its Section 230 immunity. If a company does nothing more than host third-party content, without providing any editorial oversight, it will likely be protected under Section 230. If it exercises traditional editorial functions over user-generated content, it should be protected as well. But once the company goes beyond that, it starts getting into potentially choppy legal waters.

Romy Ribitzky: What issues arise from your company’s blogging about a competitor’s product both on the clock and off, in case an employee does it from a personal account at home?

Jonathan Pink: When blogging about a competitor’s product, be it on or off the clock, the same general rules regarding trade liable, interference with economic advantage and false advertising apply. In short, making statements that are false or disparaging is never a good idea, and it’s not made any better when done on line. As to whether the company – as opposed to the individual -- could be held liable for this conduct, that would turn on the facts specific to the controversy. In other words, was the off-duty employee engaging in conduct on behalf of the company? I know how most companies would answer that question if this came to litigation.

Romy Ribitzky: How should you handle legal and governmental requests for information about your members?

Jonathan Pink: Handling legal and governmental requests for information will depend on the scope of the information requested. These types of requests should always be directed to the company’s legal department or outside legal counsel. There are times, in certain circumstances, where such requests for information will be overly broad or may improperly impinge the target’s right to privacy – thus subjecting the responding company to liability. Certainly, we’ve seen many cases where the subpoenaing party has been unable to attain the information they requested and, on the flip side, we have been successful in obtaining such information from those who would have liked to shield it. So it is a fact specific situation, and the answer will vary based on those facts.

jonathan.pink@bryancave.com 949-223-7173

Wednesday, August 5, 2009

Jailbirds and the DMCA

Jailbirds and the DMCA

Breaking news: SoCal man busted on charges of "jail breaking" videogame consoles in violation of the Digital Millennium Copyright Act (“DMCA”). Not sure this really rises to the level of such extensive law enforcement, but according to Wired News, Homeland Security authorities arrested 27 year old Matthew Crippen this week on charges of having circumvented the copyright encryption technology on a number of videogame consoles including Wii, PlayStation and the Xbox. Crippen, an Anaheim, California resident and Cal State Fullerton liberal arts student, charged customers $30 a pop for this -- uh -- service.

I could make a comment here about Anaheim being the home of Disneyland, and Crippen's age being a little advanced for an undergrad, or the fact that he was doing all this for $30 a pop when a job at Starbucks probably would have paid just as well (and would not have led to his arrest), but I won't. I'll refrain. So, enough of that, and on to the next paragraph, please.

Really, this story makes me feel very, very secure. I mean, what with the Bush administration (and Chenney in particular), I really thought that terrorists were practically at our front door. Turns out, this must not be the case given that Homeland Security has time to bust a guy who's gaming videogame consoles. Wow, what must the strategy sessions that led to that bust have been like? "Guys, we've got a big one." (Tense silence as the team, clad in black, waits . . . .) "Hacker." (Team's thinking: code for Bin Laden, no . . . for . . . who?! They all nod knowingly as their leader continues.) "Bastard's breaking into Xboxes, the Wii and . . . the PlayStation." (Whoa. Sweat starts to form on foreheads . . . .) Cut to the five black vans with blackened windows pulling up outside Crippen's house, firepower in abundance, men taking positions – BAM! the door comes down and the fugitive comes out -- dressed in boxes and holding a screw driver? At least that's how I imagine it.

Anyway, why all the fuss? Because under the DMCA, jailbreaking a video game is a copyright no-no. The DMCA provides, in relevant part, that, “no person shall circumvent a technological measure that affectively controls access to a work protected under this title.” Stated another way, no jailbreaking decrypted copies of videogame unless you're ready to do some hard time . . . and have Homeland Security come knocking at your door. Now don't get me wrong: the DMCA is a great statute and I've used it in some of my own cases, but this really seems like killing a gnat with a sledgehammer when a rolled up newspaper would suffice.

So now the big question now is: where did Crippen get his training? Afghanistan? Pakistan? From the The Big Man? No, according to Wired, Crippen learned his skill on “Google, man.” He was released on Monday on $5,000 bond.

Monday, August 3, 2009

Pirate Update

Pirate update: No, not the Somalis, the Dutch.

According to a report in IP360 (and the Associated Press), a Dutch court has given Pirate Bay 10 days to walk the plank – errr, to shut down operations in the Netherlands. And if they don’t? There are sharks waiting for them in the churning sea below, to the tune of up to $42,000 per day. Ouch! It is not clear from either report how the Court proposes to enforce its order or to block Netherlands-based traffic (one envisions a little Dutch boy, with his finger in the Internet dyke), but that’s what the Court has said and they seem to mean business.

The ruling, by the way, follows the copyright infringement suit filed just over a week ago by a number of studios (a baker’s dozen, all of whom have the dough to do so). Pirate Bay has continued to operate notwithstanding a ruling last April from a Swedish court which sent the site's founders to jail (for one year each), and hit them with a hefty $3.6 million fine based on similar charges.

How is it that Pirate Bay gets him with infringement suits (and, ahem, jail time) when YouTube hosts plenty of material that may well be covered by third party copyrights? Because unlike YouTube, Pirate Bay distributes torrent files, linking users to the copyrighted material. It is the users who host the torrents and who are in possession of any infringing material.

Thus, by seeking to circumvent claims of domestic and international copyright infringement, the Pirate walks the plank, while YouTube . . . . walks to the bank.


Jonathan Pink litigates copyright actions around the globe. He is Co-Leader of the Internet and New Media Team at Bryan Cave, LLP. Bryan Cave is an international law firm with more than 1200 attorneys world wide.

Sunday, August 2, 2009

Facebook, High School Renunions, Patent Infringement and Cable TV

My high school reunion is coming up. Thirty years. No, I won’t make it. I’ll be on vacation with my family. Not that I’d intentionally avoid it; it just worked out that way.

I actually enjoyed the last reunion. It was our 25th, and held at a classmate’s home. This wasn’t like a backyard pool party or a front yard Bar-B-Q. This classmate had purchased the former George C. Scott Estate in Bel Air. He’d done quite well for himself (starting a gay television network; I don’t have a TV, but I’m assuming we’re talking cable here). The fact that he had done quite well is particularly interesting to me because he was not one of the popular kids in high school. (Nor was I.) He was always a bit of an outsider (as – I am somewhat chagrinned to admit – was I).

Which brings me to my point (sort of): I always wonder what happened to the popular kids. Most of the successful ones I can think of were not the popular ones. Most of the popular ones are not now terribly successful. At the last reunion, I remember talking to one of them. He didn’t remember me, but was still more than happy to chat. He was living in a trailer; didn’t drive, but did ride a bike. He spent about 15 minutes recounting for me that time in high school when he saw a UFO. It was a little metallic ball, he told me, looking in at him through a window while he watched TV and his laundry tumbled dry in the next room.

Side note: Now you’ve got to remember the first Star Wars movie which – huh! – came out when this guy and I were in high school. Remember the scene where Luke learns to use the light saber? Remember the little metal ball flying around? I can’t say for certain, but I’m guessing there is a connection here which, I’m sorry to say, I didn’t point out to my old friend. Instead, I said “Huh, you know, I’m going to get another drink,” then hurried away. (I then met up with one of my closest friends – a psychologist -- and encouraged him to go talk to Mr. UFO.)

Back to my point: So, it seems to be that, if you’re popular in high school, you’re likely to be perceived as an underachiever at your high school reunions, at least when compared with the losers in high school who now own estates, or at least practice intellectual property law in Irvine.

Ahem. The point of all this lead up? To compare and contrast what happens when you’re a successful business. What happens? That’s easy: you get sued. Case in point: Facebook. Hugely popular (hey, if you’re reading this, feel free to send me a “friend” request on Facebook), Facebook has had its share of lawsuits of late. A couple of click fraud cases, and at least one patent infringement suit brought against it by Leader Technologies Inc.

The patent infringement case was the subject of an interesting recent ruling, whereby Facebook was ordered to provide the plaintiff with a complete copy of Facebook’s entire computer source code. What does this have to do with the suit itself? Leader Technologies sued alleging Facebook had deliberately infringed Leader’s U.S. Patent Number 7,139,761, titled “Dynamic association of electronically stored information with iterative workflow changes.” As if the title were not clear enough, the patent has to do with the management and storage of electronic information (something most websites – including this one – does). In that case, however, Leader claims that Facebook infringed its patent by marketing services “including but not limited to those related to the Facebook Web site.”

Like any good patent plaintiff, Leader is seeking preliminary and permanent injunctions, treble damages, attorneys' fees and costs. Uh-huh. We’ve all seen this drill before. In fact, I’m in a battle like this one now, except it involves mattresses and memory foam rather than “electronically stored information with interactive workflow changes.” Almost the same, but not quite.

In any event, in the Facebook case, Magistrate Judge Leonard P. Stark (DC Del) ruled that Facebook must provide Leader with a hierarchical map of its source code by the end of this week, and the entire source code by Friday, August 21st. Facebook is not happy. It claims Leader has no need for the entire source code, or at least has failed to articulate such a need.

The Court disagreed. Judge Stark ruled that a protective order would adequately address any of Facebook’s concerns, and founded his decision on the declaration of plaintiff’s expert witness, and a limited review of a portion of the code itself. Maybe so, but the ruling really seems over reaching to me. I’d bet anything that the Judge is not Facebook.

Leader, by the way, bills itself as a “pioneer in Web-based collaboration platforms.” I point this out only because of the further parallel to my case, which involves a bedding platform. And also because, just like a high school reunion – where the once popular are now not so (and those who weren’t now own gay television networks) – it’s all about creating “dynamic associations.”


Jonathan Pink litigates copyright, trademark and patent cases at Bryan Cave, LLP. He is resident in the Irvine office and can be reached at jonathan.pink@bryancave.com.