MediaTech Law

By MIRSKY & COMPANY, PLLC

The Weird World of Open Source Software Licenses

Posted September 15, 2017 by Dylan Gilbert 0

I like to think that somewhere in America, at this very moment, a college kid has just agreed without reservation to accept five bucks from his friend to drink an entire bottle of hot sauce. Non-lawyers are often surprised to learn that, public policy concerns aside, such an agreement contains all the elements necessary to create a legally binding contract: Offer, acceptance and consideration.

Part of a lawyer’s job is to identify relevant legal issues lurking beneath factual scenarios. Issue spotting can be frustratingly difficult, however, because, as the absurd hot sauce agreement illustrates, the law is often counterintuitive. Counter-intuitions abound in the weird world of open source license agreements. License agreements have become commonplace in our tech-saturated lives. If you’re not sure what they are, jog your memory to the last time you downloaded an app for your laptop or smartphone. Remember being asked to read and agree to an endless list of terms and conditions? That contract that you “read” and agreed to was almost certainly an end user license agreement to use the app for a specific purpose.

Over the past twenty years or so, several copyright licensing movements have gained traction. In general, these new types of licenses challenge traditional notions of copyright protection by granting licensees the right to modify the original copyrighted material for future use free of charge so long as certain promises are kept and/or conditions are met.

One well-known movement is the Open Source Initiative, which reviews and approves open source software (OSS) licenses. OSS licenses typically provide licensees with the right to access the source code of the original software program (hence “open” source) and create new software programs subject to the terms of the license.

Read More

Copyright, Fair Use, and the Kissing Picture: Storms v. New England Sports Network, Inc.

Posted June 18, 2017 by Andrew Mirsky 0

Recently, a photojournalist, Michael Storms, filed an intriguing lawsuit in the U.S. District Court for the Southern District of New York against a website that published photographs taken by Mr. Storm without his permission and without paying Mr. Storms a licensing fee. The photos were of New York Mets pitcher Matt Harvey kissing Victoria Secret model Adriana Lima at a restaurant in Miami, not long after Ms. Lima broke up with New England Patriots wide receiver Julian Edelman. The pictures were posted on the website of the New England Sports Network (NESN). (The case is Storms v. New England Sports Network, Inc.)

On its face, the complaint is relatively short and generic, but it will be interesting to see the defendant’s reply, whether the network argues that its use of the photos constitutes permissible “fair use,” and the potential effect of the court’s decision on copyright law as a whole.

Under the U.S. Copyright Act, 17 U.S.C. §§ 101 et seq., the “fair use of a copyrighted work, including . . . for purposes such as . . . news reporting . . . is not an infringement of copyright.” While there is no strict formula for how a court determines “fair use”, the Copyright Act (17 U.S. Code § 107) requires consideration of 4 factors:

  1. the purpose and character of the use, including whether such use is of a commercial nature or is for nonprofit educational purposes;
  2. the nature of the copyrighted work;
  3. the amount and substantiality of the portion used in relation to the copyrighted work as a whole; and
  4. the effect of the use upon the potential market for or value of the copyrighted work.
Read More

Blogs and Writings We Like

Posted May 18, 2017 by Andrew Mirsky 0

This week we highlight 3 writers discussing timely subjects in media tech law: Sandy Botkin writing about zombie cookies and targeted advertising, Geoffrey Fowler writing about the new world of phishing and “phishermen” (yes, that’s a thing), and Justin Giovannettone and Christina Von der Ahe writing about nonsolicitation agreements and social media law.

FTC vs Turn, Inc.: Zombie Hunters

Sandy Botkin, writing on TaxBot Blog, reports amusingly on the FTC’s December 2016 settlement with digital advertising data provider Turn, Inc., stemming from an enforcement action against Turn for violating Turn’s own consumer privacy policy. Botkin used the analogy of a human zombie attack to illustrate the effect of actions Turn took to end-run around user actions to block targeted advertising on websites and apps.

According to the FTC in its complaint, Turn’s participation in Verizon Wireless’ tracking header program – attaching unique IDs to all unencrypted mobile internet traffic for Verizon subscribers – enabled turn to re-associate the Verizon subscriber with his or her use history. By so doing, according to Botkin, this further enabled Turn to “recreate[] cookies that consumers had previously deleted.” Or better yet: “Put another way, even when people used the tech equivalent of kerosene and machetes [to thwart zombies], Turn created zombies out of consumers’ deleted cookies.”

What we like: We like Botkin’s zombie analogy, although not because we like zombies. We don’t. Like. Zombies. But we do think it’s a clever explanatory tool for an otherwise arcane issue.

*            *            *

Your Biggest Online Security Risk Is You

Geoffrey Fowler writes in The Wall Street Journal (here ($), with an even fuller version of the story available here via Dow Jones Newswires) about the latest in the world of phishing, that large category of online scams that, one way or another, has the common goals of accessing your data, your money or your life, or someone else’s who might be accessed through your unsuspecting gateway.

“If you’re sure you already know all about them, think again. Those grammatically challenged emails from overseas ‘pharmacies’ and Nigerian ‘princes’ are yesterday’s news. They’ve been replaced by techniques so insidious, they could leave any of us feeling like a sucker.”

Oren Falkowitz of Area 1 Security told Fowler that about 97% of all cyberattacks start with phishing. Phishing is a big deal.

Fowler writes of the constantly increasing sophistication of “phishermen” – yes, that’s a term – weakening the effectiveness of old common-sense precautions:

In the past, typos, odd graphics or weird email addresses gave away phishing messages, but now, it’s fairly easy for evildoers to spoof an email address or copy a design perfectly. Another old giveaway was the misfit web address at the top of your browser, along with the lack of a secure lock icon. But now, phishing campaigns sometimes run on secure websites, and confuse things with really long addresses, says James Pleger, security director at RiskIQ, which tracked 58 million phishing incidents in 2016.

What we like: Fowler is helpful with advice about newer precautions, including keeping web browser security features updated and employing 2-factor authentication wherever possible. We also like his admission of his own past victim-hood to phishing, via a malware attack. He’s not overly cheery about the prospects of stopping the bad guys, but he does give confidence to people willing to take a few extra regular precautions.

*            *            *

Don’t Friend My Friends: Nonsolicitation Agreements Should Account for Social Media Strategies

This is an employment story about former employees who signed agreements with their former employers restricting their solicitations of customers of their former employers. In the traditional nonsolicitation context, it wasn’t that hard to tell when a former employee went about trying to poach his or her former company’s business. Things have become trickier in the age of social media, when “friend”-ing, “like”-ing, or “following” a contact on Facebook, Twitter, Instagram or LinkedIn might or might not suggest nefarious related behavior.

Justin Giovannettone and Christina Von der Ahe of Orrick’s “Trade Secrets Watch” survey a nice representative handful of recent cases from federal and state courts on just such questions.

In one case, the former employee – now working for a competitor of his former employer – remained linked via LinkedIn with connections he made while at his former company. His subsequent action in inviting his contacts to “check out” his new employer’s updated website drew a lawsuit for violating his nonsolicitation. For various reasons, the lawsuit failed, but of most interest was Giovannettone and Von der Ahe’s comment that “The court also noted that the former employer did not request or require the former employee to “unlink” with its customers after he left and, in fact, did not discuss his LinkedIn account with him at all.”

What we like: Giovannettone and Von der Ahe point out the inconsistencies in court opinions on this subject and, therefore, smartly recognize the takeaway for employers, namely to be specific about what’s expected of former employees. That may seem obvious, but for me it was surprising to learn that an employer could potentially – and enforceably – prevent a former employee from “friend”-ing on Facebook.

Read More

“Do Not Track” and Cookies – European Commission Proposes New ePrivacy Regulations

Posted May 2, 2017 by Andrew Mirsky 0

The European Commission recently proposed new regulations that will align privacy rules for electronic communications with the much-anticipated General Data Protection Regulation (GDPR) (the GDPR was fully adopted in May 2016 and goes into effect in May 2018). Referred to as the Regulation on Privacy and Electronic Communications or “ePrivacy” regulation, these final additions to the EU’s new data protection framework make a number of important changes, including expanding privacy protections to over-the-top applications (like WhatsApp and Skype), requiring consent before metadata can be processed, and providing additional restrictions on SPAM. But the provisions relating to “cookies” and tracking of consumers online activity are particularly interesting and applicable to a wide-range of companies.

Cookies are small data files stored on a user’s computer or mobile device by a web browser. The files help websites remember information about the user and track a user’s online activity. Under the EU’s current ePrivacy Directive, a company must get a user’s specific consent before a cookie can be stored and accessed. While well-intentioned, this provision has caused frustration and resulted in consumers facing frequent pop-up windows (requesting consent) as they surf the Internet.

Read More

Circuits Weigh-in on PII Under the VPPA

Posted April 21, 2017 by Andrew Mirsky 0

The Video Privacy Protection Act (VPPA) was enacted in 1988 in response to Robert Bork’s Supreme Court confirmation hearings before the Senate judiciary committee, during which his family’s video rental history was used to great effect and in excoriating detail. This was the age of brick-and-mortar video rental stores, well before the age of instant video streaming and on-demand content. Nonetheless, VPPA compliance is an important component to any privacy and data security programs of online video-content providers, websites that host streaming videos and others that are in the business of facilitating consumers viewing streaming video.

Judicial application of the VPPA to online content has produced inconsistent results, including how the statute’s definition of personally-identifiable information (PII)—the disclosure of which triggers VPPA-liability—has been interpreted. Under the VPPA, PII “includes information which identifies a person as having requested or obtained specific video materials or services from a video tape service provider.” 18 U.S.C. § 3710(a)(3). Courts and commentators alike have noted that this definition is vague particularly when applied to new technological situations, as it describes what counts as PII rather than providing an absolute definition. Specifically in the streaming video context, the dispute of the PII definition typically turns on whether a static identifier, like an internet protocol (IP) address or other similar identifier uniquely assigned to consumers, counts as PII under the VPPA.

Read More

Legal Issues in Ad Tech: IP Addresses Are Personal Data, Says the EU (well … sort of)

Posted November 20, 2016 by Andrew Mirsky 0

Much has been written in the past 2 weeks about the U.S. Presidential election. Time now for a diversion into the exciting world of data privacy and “personal data”. Because in the highly refined world of privacy and data security law, important news actually happened in the past few weeks. Yes, I speak breathlessly of the European Court of Justice (ECJ) decision on October 19th that IP (internet protocol) addresses are “Personal Data” for purposes of the EU Data Directive. This is bigly news (in the data privacy world, at least).

First, what the decision actually said, which leads immediately into a riveting discussion of the distinction between static and dynamic IP addresses.

The decision ruled on a case brought by a German politician named Patrick Breyer, who sought an injunction preventing a website and its owner – here, publicly available websites operated by the German government – from collecting and storing his IP address when he lawfully accessed the sites. Breyer claimed that the government’s actions were in violation of his privacy rights under the EU Directive 95/46/EC – The Data Protection Directive (Data Protection Directive). As the ECJ reported in its opinion, the government websites “register and store the IP addresses of visitors to those sites, together with the date and time when a site was accessed, with the aim of preventing cybernetic attacks and to make it possible to bring criminal proceedings.”

The case is Patrick Breyer v Bundesrepublik Deutschland, Case C-582/14, and the ECJ’s opinion was published on October 19th.

Read More

Private Metadata is Doublethink

Posted October 21, 2016 by Andrew Mirsky 0

It is commonly said that if you do not want digital information found, then you should not create any. A challenge however is that there is a class of digital information, called metadata, that often is not created by you but is nonetheless associated with you. While content is any information that can be published or posted online, such as tweets, photos, videos, ebooks, Facebook posts and games, to name a few, metadata is something entirely different.

At first metadata was used to help describe content. It was automatically assigned by the software or app developer to help make the content easier to sort, index and later find. Location tags for example, are a common form of metadata. When content is posted online, the location of the sender may be attached to the content. A person posting a picture of a beach to his Facebook account will reveal to his network that he is in Cabo San Lucas, Mexico and that the picture was taken two days ago at 3:30 PM.

Metadata is expressive now, meaning it reveals information about the individual’s behavior and ultimately identity, regardless of whether the individual wants to be known or the behavior identified, based on the content the individual creates, and what the individual searches or buys online. Thus a user who posts a picture of a positive pregnancy test, shops for prenatal vitamins and performs an online search for baby furniture can be inferred to be female and pregnant.

Read More

Legal Issues in Ad Tech: Who Owns Marketing Performance Data?

Posted October 11, 2016 by Andrew Mirsky 0

Does a marketer own data related to performance of its own marketing campaigns? It might surprise marketers to know that data ownership isn’t automatically so. Or more broadly, who does own that data? A data rights clause in contracts with DSPs or agencies might state something like this:

“Client owns and retains all right, title and interest (including without limitation all intellectual property rights) in and to Client Data”,

… where “Client Data” is defined as “Client’s data files”. Or this:

“As between the Parties, Advertiser retains and shall have sole and exclusive ownership and Intellectual Property Rights in the … Performance Data”,

… where “Performance Data” means “campaign data related to the delivery and tracking of Advertiser’s digital advertising”.

Both clauses are vague, although the second is broader and more favorable to the marketer. In neither case are “data files” or “campaign data” defined with any particularity, and neither case includes any delivery obligation much less specifications for formatting, reporting or performance analytics. And even if data were provided by a vendor or agency, these other questions remain: What kind of data would be provided, how would it be provided, and how useful would the data be if it were provided?

Read More

Legal Issues in Ad Tech: Anonymized and De-Identified Data

Posted September 30, 2016 by Andrew Mirsky 0

Recently, in reviewing a contract with a demand-side platform (DSP), I came across this typical language in a “Data Ownership” section:

“All Performance Data shall be considered Confidential Information of Advertiser, provided that [VENDOR] may use such Performance Data … to create anonymized aggregated data, industry reports, and/or statistics (“Aggregated Data”) for its own commercial purposes, provided that Aggregated Data will not contain any information that identifies the Advertiser or any of its customers and does not contain the Confidential Information of the Advertiser or any intellectual property of the Advertiser or its customers.” (emphasis added).

I was curious what makes data “anonymized”, and I was even more curious whether the term was casually and improperly used. I’ve seen the same language alternately used substituting “de-identified” for “anonymized”. Looking into this opened a can of worms ….

What are Anonymized and De-Identified Data – and Are They the Same?

Here’s how Gregory Nelson described it in his casually titled “Practical Implications of Sharing Data: A Primer on Data Privacy, Anonymization, and De-Identification”:

“De-identification of data refers to the process of removing or obscuring any personally identifiable information from individual records in a way that minimizes the risk of unintended disclosure of the identity of individuals and information about them. Anonymization of data refers to the process of data de-identification that produces data where individual records cannot be linked back to an original as they do not include the required translation variables to do so.” (emphasis added)

Or in other words, both methods have the same purpose and both methods technically remove personally identifiable information (PII) from the data set. But while de-identified data can be re-identified, anonymized data cannot be re-identified. To use a simple example, if a column from an Excel spreadsheet containing Social Security numbers is removed from a dataset and discarded, the data would be “anonymized”.

But first … what aspects or portions of data must be removed in order to either de-identify or anonymize a set?

But What Makes Data “De-Identified” or “Anonymous” in the First Place?

Daniel Solove has written that, under the European Union’s Data Directive 95/46/EC, “Even if the data alone cannot be linked to a specific individual, if it is reasonably possible to use the data in combination with other information to identify a person, then the data is PII.” This makes things complicated in a hurry. After all, in the above example where Social Security numbers are removed, remaining columns might include normally non-PII information such as zip codes or gender (male or female). But the Harvard researchers Olivia Angiuli, Joe Blitzstein, and Jim Waldo show how even these 3 data points in an otherwise “de-identified” data set (i.e. “medical data” in the image below) can be used to re-identify individuals when combined with an outside data source that shares these same points (i.e. “voter list” in the image below):

Data Sets Overlap Chart

(Source: How to De-Identify Your Data, by Olivia Angiuli, Joe Blitzstein, and Jim Waldo, http://queue.acm.org/detail.cfm?id=2838930)

That helps explain the Advocate General opinion recently issued in the European Union Court of Justice (ECJ), finding that dynamic IP addresses can, under certain circumstances, be “personal data” under the European Union’s Data Directive 95/46/EC. The case involves interpretation of the same point made by Daniel Solove cited above, namely discerning the “personal data” definition, including this formulation in Recital 26 of the Directive:

“(26) … whereas, to determine whether a person is identifiable, account should be taken of all the means likely reasonably to be used either by the controller or by any other person to identify the said person …”

There was inconsistency among the EU countries on the level of pro-activity required by a data controller in order to render an IP address “personal data”.   So, for example, the United Kingdom’s definition of “personal data”: “data which relate to a living individual who can be identified – (a) from those data, or (b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller” (emphasis added). Not so in Germany and, according to a White & Case report on the ECJ case, not so according to the Advocate General, whose position was that “the mere possibility that such a request [for further identifying information] could be made is sufficient.”

Which then circles things back to the question at the top, namely: Are Anonymized and De-Identified Data the Same? They are not the same. That part is easy to say. The harder part is determining which is which, especially with the ease of re-identifying presumably scrubbed data sets. More on this topic shortly.

Read More

Can Social Media Use Save a Trademark?

Posted December 24, 2015 by Roman Vayner 0

Maintaining a social media profile has become standard practice for most businesses advertising their services. Savvy trademark owners may also know that they must “use” their mark in order to establish trademark rights – meaning that the mark must be actually used in connection with providing a good or service. But what type of use is sufficient? Is simply using a mark on a Facebook or Twitter profile enough to show “use” of the mark for trademark purposes? A Trademark Trial and Appeal Board (TTAB) decision says no, but offers useful guidance to trademark owners on using “analogous” trademark use to establish trademark rights. The decision is The PNC Financial Services Group, Inc. v. Keith Alexander Ashe dba Spendology and Spendology LLC.

Spendology attempted to register the mark SPENDOLOGY for web-based personal finance tools. PNC Financial Services Group (PNC), which used the same mark for an “online money management tool,” opposed Spendology’s application, claiming that PNC had used the mark first. Both parties filed motions for summary judgment for likelihood of confusion and priority.

Read More

Employers Should Not Assume IP Assignments are Valid, and Employees Should Take Care to Protect Previously Created IP

Posted April 29, 2013 by Andrew Mirsky 0

An interesting IP assignment and employment case comes out of Wyoming.  Yes, you heard that right, Wyoming.  A nice summary of the issue was given by William Lenz and Jessica Rissman Cohen:

It is a common misconception that an employer automatically owns all rights to the patents invented by its employees. The general rule is that, in the absence of an agreement to the contrary, an invention and any patents covering that invention belong to the employee/inventor. (emphasis added)

And that’s why employers often require new employees to sign “Inventions Agreements”, or similar agreements under various names such as “Assignment of Intellectual Property” or “Proprietary Rights Ownership Agreement”, the purpose of all of which is the same: To remove any ambiguity as to ownership of intellectual property created during the employment relationship.

To be clear, this an intellectual property problem unique to patents.  Copyrights, for example, are deemed automatically “work made for hire” when created under an employment relationship, even in the absence of an IP assignment agreement such as those mentioned above.  Indeed, Section 101 of the Copyright Act expressly defines a “work made for hire” as “a work prepared by an employee within the scope of his or her employment.  Although this being the law and lawyers being lawyers, there are cases challenging whether an employee is in fact an “employee”, and by extension challenging whether an individual’s work is a “work made for hire” in the absence of an assignment agreement.  Community for Creative Non-Violence v. Reed, 490 U.S. 730 (1989).

Read More

Copyright of “Public Facts”: Craigslist v. PadMapper (updated)

Posted November 29, 2012 by Andrew Mirsky 0

Craigslist was meant for the common good, or as founder Craig Newmark puts it, “doing well by doing good”.  At least, that has been its announced mission since it began as an email distribution among friends. Craigslist kept its mantra through its rise to Silicon Valley stardom, snubbing multi-million dollar buyout offers and fighting attempts to monetize the site along the way.

The physical layout of Craigslist hasn’t changed much over the years. Point your browser in its direction and, like an old friend, you’ll be greeted with the same underlined blue links you’ve known for years. Fans are legion, but so too are critics: Critics see stagnation in this comfort, some of whom have taken matters into their own hands through attempts at innovation. However, as some have already discovered, developing tools to work around (critics would say “enhance”) Craigslist’s simple functionality can invite legal response. Is an early darling of Silicon Valley showing a decidedly uglier side, or is Craigslist still simply looking out for the common good?

This past July, Craigslist filed a lawsuit in the US District Court, Northern District of California, alleging that apartment-hunting site PadMapper and its data exchange partner, 3Taps, unlawfully repurpose Craigslist postings and therefore undermine “the integrity of local Craigslist communities, ultimately harming both Craigslist and its users.”  While the complaint parallels Craigslist’s “common good” business model, 3Taps CEO Greg Kidd sees it differently. “We believe Craigslist is acting like a copyright troll,” Kidd recently told AllThingsD.  Kidd’s company provides PadMapper an API for data about Craigslist postings that 3Taps gathers via means it claims are not subject to Craigslist’s Terms of Use and that likewise do not violate Craigslist’s copyrights.

This isn’t the first time Craigslist has claimed such violations, including several now-shuttered earlier services built on top of Craigslist’s platform. In July 2010, Newmark took to Q&A site Quora to defend his company’s actions in a case similar to Padmapper’s, saying he did not take issue with sites that do not affect Craigslist’s servers. “Actually, we take issue with only services which consume a lot of bandwidth, it’s that simple,” Newmark wrote.

June 22: Craigslist sends Padmapper a cease and desist letter and blocks PadMapper from pulling CL ads (at least from doing so directly).  According to CL’s complaint (filed July 20th), traffic to Padmapper immediately plummeted.  

PadMapper claims not to siphon off Craigslist’s servers. Through its partnership with 3Taps, PadMapper accesses a database of Craigslist listings found and organized from search engines including Google and Bing.

 July 9: Padmapper re-launches using 3Taps data.

July 20: Craigslist sues 3Taps and Padmapper.  CL claims:

  • Copyright infringement (for the CL site and for CL listings)
  • Contributory copyright infringement (against 3Taps)
  • Breach of contract (TOS)
  • Trademark infringement
  • Trademark dilution
  • Unfair trade practices

Perhaps that’s why Craigslist is now requiring users to “expressly grant and assign to Craigslist all rights” to enforce the copyright. Other sites like Yelp! and Facebook only require a non-exclusive license to their users’ content. But even if courts interpret this as a legally binding transfer of copyright to Craigslist, facts, like those in classified listings, often cannot be copyrighted. Therefore, it is possible that details such as an apartment’s price, address and number of bedrooms will not be protected.

This is of course Greg Kidd’s argument. “No Terms of Use can ride roughshod over the fact that there is no copyright in facts,” Kidd says. “Padmapper’s use of exchange posting is not infringing use. It is fair use or free use … of public facts.” According to Kidd, PadMapper could just be the beginning to what could be, “a whole class of use case conflicts if this stands.” Via this interpretation, as Kidd sees it, “a [Craigslist] posting retweeted via Twitter is going to be just as problematic as one through PadMapper.”

This argument inelegantly ignores 2 obstacles under contract and copyright.

Contract

First contract law, by virtue of the binding nature of Craiglist’s TOU as a contract.  So, as Craigslist notes in its complaint:

[3Taps and Padmapper] regularly accessed the CL website and affirmatively accepted and agreed to the [TOU] to, among other things, test, design, and/or use the software that allows Defendants to provide their services.  Likewise … Defendants regularly accessed the CL website with knowledge of the [TOU] and its prohibitions against copying, aggregating, displaying, distributing, performing and derivative use of the CL website and any content posted on the CL website … and regularly access the CL website and copied, aggregated, displayed, distributed, and made derivative use of the CL website and the content posted therein.

3Taps disagrees: 3Taps cannot be bound by Craigslist’s TOU, since 3Taps never touches Craigslist’s servers to obtain the data it provides via its API.  Says Kidd:

The [CL] data in question is indexed by public search engines and is made available in the public domain.  One does not have to belong to or even go to Craigslist to find this information on the description, price, and time of availability of a posting. The information is freely available in the public domain and is a fundamental component of transparency of supply and demand and price discovery that are the foundation of free markets.

Craigslist then says that 3Taps’ argument about not directly accessing data from Craigslist is absurd:

3Taps copies all of craigslist’s content – including time stamps and unique craigslist user ID numbers – and makes it available to third parties for use in competing websites or, for whatever other purpose they wish. On information and belief, 3Taps is obtaining this content by improperly accessing craigslist’s website and “scraping” content.

Copyright – Facts and Facts

Kidd’s “public domain” argument – challenging Craigslist’s private ownership of public “facts” – has its own problems.  That’s because there are public facts and … there are public facts. For starters, what makes an apartment listing a public fact? Arguably, an apartment listing is a private piece of information uniquely created and formatted by a landlord and Craigslist: How listed, what information is listed, what pricing, etc.  Perhaps not the most highly creative of copyright subject matters protected by “original works of authorship fixed in any tangible medium of expression” US Copyright Act (Title 17 US Code), but nonetheless protected by copyright.

No, Craigslist may not be able to protect names and addresses, but it may be able to protect Craigslist’s particular presentation of those names and addresses.  And Craigslist makes this very point in its complaint, claiming that 3Taps “displays craigslist’s copyrighted content in virtually identical visual fashion to the manner in which they appear on craigslist.”

August 1: After filing its July suit, Craigslist amends its TOU, telling users they were not permitted to cross-post their sales items anywhere else on the internet:

Clicking ‘continue’ confirms that Craigslist is the exclusive licensee of this content, with the exclusive right to enforce copyrights against anyone copying, republishing, distributing, or preparing derivative works without its consent.

August 5: Craigslist instructs all general search engines to stop indexing CL postings.

August 9: CL amends its TOU – again – to remove “exclusive license” language from its TOS:

Second, Craigslist may be able to rely on copyright arguments similar to those historically made by mapmakers and telephone book publishers, where the compilation of otherwise public facts is itself copyrightable. (See, for example, Feist Publications, Inc. v. Rural Telephone Service Co., 499 US 340 (1991).)  This argument, where the unique presentation, design, layout, or formatting give a compiler a copyright edge, still gives scant protection to the component parts, but it can give viability to a legal claim of misappropriation.

Other Arguments – Trademark and Unfair Competition

Craigslist makes other legal arguments, including most notably trademark infringement and dilution claims and California state law unfair competition claims.  These are subjects beyond the scope of the present discussion, although they do seem to raise the kinds of issues that the likes of Rockefeller Plaza in New York City deals with: Once a year, every year, the plaza is closed to public access in order to allow its owners to continue to assert their private ownership.   Perhaps Craigslist, too, feels some periodic necessity to remind its users that freedom of internet use is not free.

September 24: 3Taps files answer and counterclaim against CL.  Counterclaims:

  • Antitrust
  • Unfair competition
  • Interference with economic advantage

From 3Taps antitrust counterclaim complaint:

3taps is not alleging that craigslist acquired its widespread monopoly power improperly – far from it; craigslist should be applauded for bringing online classifieds into the modern age and achieving its initial dominance over various U.S. markets for the “onboarding” (i.e., the process of inputting and uploading factual content on the internet) of user-generated classified ads by those seeking a personal exchange transaction for various goods and services, including apartment rentals, jobs, personal services, general goods, and other sales.

What 3taps is complaining about is how craigslist has maintained (and continues to maintain) its monopoly power in these three related markets. Certainly, craigslist has not maintained this power by competing on the merits. Indeed, for years, craigslist has espoused the classic principles of a monopolist that believed it did not need to compete: a “strategy” of “unbranding,” “demonetizing,” and “uncompeting” —the epitome of a lethargic monopolist. And why not?  As an unchallenged monopolist across these various markets, craigslist has generated revenues somewhere between $100-$300 million per year, and that’s without sinking any significant costs into research and development or innovation.

September 24: Craigslist launches its own mapping capability.

Bruce Fryer, an intern with Mirsky & Company, PLLC, contributed to this post.

Read More

Copyright 2022 Mirsky & Company, PLLC