law school outline: ecommerce


  1. Introduction

  1. Final Exam

  1. No curve
  2. Open book
  3. Essay questions, very similar to hypos

  1. Types of commerce

  1. Business to consumer

  1. Delivery/fulfillment is an obstacle (shipping costs).

  1. Consumer to consumer
  2. Consumer to business
  3. Business to business

  1. Business models

  1. Try and buy of software
  2. Sales of upgrades
  3. Sales of complementary technology
  4. Sales of physical goods
  5. Sales of services
  6. Data mining
  7. Sponsorship/cobranding
  8. Advertising

  1. Trends

  1. Early focus on things which people don�t need to look at and try before buying, like books and CD�s.
  2. Auctions: 29% of all e-commerce by 2002, $129B.
  3. Sex is big: 1B in �98, 5.4B by 2003
  4. Fastest growing area is gambling.
  5. Timetable

  1. 1800�s: Mail order
  2. 1950�s: Auto/door-to-door
  3. 1960�s: Discount super store
  4. 1970�s: Telephone
  5. 1980�s: Telephone
  6. mid 1980�s: Direct mail marketing
  7. 1990�s: ecompanies focus on market share first, revenue later.

  1. The medium is the message.
  2. Public policy: Don�t discourage free speech.

  1. Framework (which government supports)

  1. Private sector should lead
  2. Government should avoid undue restrictions on ecommerce (i.e. 3 year hiatus on new internet taxation)
  3. Government support and enforcement of a predictable, minimal and simple environment for ecommerce
  4. Government should recognize unique qualities of internet (bottom-up)
  5. Ecommerce should be facilitated on a global basis

  1. Copyright

  1. Definition

  1. Original work of expression with a minimal level of creativity, which is in a tangible medium
  2. Not Titles, names, short phrases, slogans, familiar symbols, lettering, coloring, ideas, procedures, methods, systems, processes, concepts, principles, discoveries, devices, prior work portion of derivative works.

  1. Commences at time work is created in fixed form, and lasts for lifetime of author, plus 70 years.
  2. Registration and (c) notice is not required, but a good thing to have because it starts the clock, and provides evidence of (c).

  1. Rights

  1. Reproduction
  2. Prepare derivative works
  3. Distribute copies (license)
  4. Perform work
  5. Display work
  6. Transfer rights

  1. Authors convey rights to publishers

  1. Licenses

  1. Owner of copyright has exclusive rights, but can license those rights.
  2. Buying software is really buying a license, because if you bought the actual software, the "first sale doctrine" would eliminate all rights of the previous copyright holder.
  3. Express license must be in writing. Implied license established merely by posting material on the web is a weak defense.

  1. Liability

  1. Direct

  1. Volitional conduct + access + substantial similarity. Intent not required.
  2. ISP which provides space for users to put web pages is not directly liable, because the ISP acts like a public copy machine � which is not liable for users who make infringing copies.

  1. Contributory (TP)

  1. Knowledge + substantial participation
  2. OSPs should not monitor content, or use independent contractors to monitor if absolutely necessary, thus eliminating the "knowledge" prong. Upon receiving notice, OSP should respond promptly.
  3. Imposed where person induces, causes, or materially contributes to the infringement.
  4. VCR manufacturers are not liable for contributory copyright infringement when home user tapes a show because tape recorded TV show is fair use (time shifting).
Vicarious (TP)

  1. Right & ability to supervise activity of another + direct financial interest.
  2. Dance hall owners and flea market operators liable when bands play copyrighted songs. Versus phone company common carrier cases, which are not liable. ISP should be a common carrier.
  3. Religious Technology Center (Church of Scientology) v. Netcom: Netcom not liable for user�s posting on UseNet of copyrighted materials because no direct financial interest because Netcom is flat fee. Further, Netcom didn�t have the ability to supervise what was posted (Prodigy case was contra, because Prodigy did supervise the postings on its internal boards).
  4. UseNet archival service which archives nudie pictures, including infringing photos (Playboy), can be liable because the service was selectively (albeit through an automated system) choosing what content to archive, therefore exercising control.
Criminal: Commercial exploitation.Defenses

  1. Derivative works: Copyright extends only to material contributed by author of derivative work. Does not grant rights in preexisting works.
  2. Fair use

  1. Purpose and character of use

  1. Parody
  2. Software archival, backup, or temporary copies for hardware maintenance or repair.
  3. Criticism, comment, news reporting, teaching, scholarship, research (even reverse engineering).
  4. Taping TV show for future viewing, for private non-commercial use (time-shifting works).
  5. Photocopying article for convenience.
  6. Caching

  1. Creates a copy, therefore potential copyright infringement.
  2. Web browsing not a problem in that fair use extends to the temporary copying which is only necessary because humans cannot otherwise perceive digital information. Functional equivalent of reading.

  1. Use must be noncommercial, i.e. nonprofit educational use.

  1. Nature of work
  2. Amount and substantially of portion used
  3. Effect on potential market
Special technical issues

  1. Digital Millennium Copyright Act

  1. Protections

  1. Prohibitions

  1. Circumvention of technological measures used to protect copyrighted works (cable TV scrambler)
  2. Tampering with integrity of copyright management information, and the distribution of works whose management information has been removed or altered.
  3. Unauthorized access to copyrighted works

  1. Precludes fair use defense

  1. Unauthorized copying of copyrighted works

  1. Exceptions for:

  1. Nonprofit library, archive, or school, for the purpose of making good faith determination to purchase. Works must not be made public.
  2. Reverse engineering to create compatible software.
  3. Encryption research
  4. Personal privacy
  5. Security testing
Liability limitations (safe harbors)

  1. Online service providers
  2. Have no (copyright) liability for:

  1. Transitory communications (probably doesn�t apply to commercial web sites)
  2. System caching
  3. Storage of information at discretion of users, i.e. websites hosted on their systems
  4. Information location tools (links to infringing material)

  1. No knowledge that material is infringing
  2. Provider has no direct financial benefit
  3. Provider takes down/blocks access upon notification of claimed infringement.

  1. Good faith removal of offending materials.

  1. If they

  1. Have a policy of terminating accounts of subscribers who are repeat infringers
  2. Accommodate and not interfere with "standard technical measures"
  3. File with Copyright Office a designation of agent to receive notifications of claimed infringements
  4. No actual knowledge of infringement
  5. Respond expeditiously to take material down or block access to it upon learning of infringement via proper notification (eBay does this)
  6. Promptly notify subscriber that their material has been removed or disabled
  7. Putting material back up within two weeks if subscriber certifies that removed/disabled material should not have been removed/disabled (counter notification), unless copyright owner files suit against subscriber.
  8. Don't� modify the content

  1. Doesn�t apply if OSP is actively monitoring contents (notice; therefore OSPs do not actively monitor content), or acting as a publisher (content control). With either, OSP is no longer just a "conduit."
Computer maintenance or repair Music

  1. Webcasters of music must pay a royalty.
  2. Fairness in Music Licensing Act of 1998: Small restaurants and bars are exempt from royalty fees for playing radio or TV music.
Communications Decency Act

  1. Doesn�t cover all OSPs ("interactive computer service"), and not all content
  2. OSPs not liable for copyrights, unless they have notice.

  1. TicketMaster sued MS when MS linked to a second-level TM page, thus bypassing the TM home page. TM wanted visitors to go through the home page, which contained advertising. This isn�t necessarily a legal problem � more of a business problem.
  2. Unauthorized linking isn�t really a copyright problem, but Lanham Act (15 USC 1125) may raise actions for false advertising, unfair competition, or passing off someone else�s content as your own.
  3. It could be a trademark problem though.
  4. DMCA provides limits to liability for compliance with certain requirements.
Framing & Inline Links

  1. When you click on a link within a framed site, the URL won�t change despite the content change. Therefore, consumers may be confused by the URL being different from the provider of the content. However, technology exists to de-frame a web site upon opening the site. No case law exists in this situation.
  2. Inline link isn�t a per se copyright violation because a copy isn�t created on your site; however there is a risk of consumer confusion, and therefore may be actionable, and raises contributory infringement.

  1. What is it?

  1. Exclusive right to commercially exploit an invention and exclude others.

  1. Encourages competitive effort.

  1. Origin

  1. Constitution
  2. Thomas Jefferson
  3. Patent & Trademark Office
  4. CAFC

  1. Types of patents

  1. Utility

  1. Machine
  2. Process
  3. Manufacture
  4. Composition
  5. Any new and useful improvement thereon

  1. Design

  1. Perfume, although since the formula would be made public in 20 years, most companies use as trade secret.

  1. Plant (the biological type)
  2. Patent can be granted for "anything under the sun that is made by man."

  1. Program that merely makes insubstantial improvement over prior art is not entitled to patent protection.

  1. Specifically not patentable

  1. Laws of nature
  2. Natural phenomena (including mental processes)
  3. Abstract ideas (mathematical algorithm), unless useful, concrete or tangible thing.

  1. Have to reduce conception to practice (build it, use it, or describe it in writing with witness)
  2. Application

  1. Prior art search
  2. Novelty search
  3. Identification of inventors, even if preassigned to their companies.
  4. Must disclose best way to enable one skilled in the art to practice the invention.
  5. Often rejected first time, because claims are close to something else that has been patented. File a response, and patent is often granted.

  1. PTO is looking for patents which are: New, novel, and not obvious.

  1. US law has a one-year grace period during which the patent is pending. Patentability of invention offered for sale, used, or described publicly is immediately lost in most of the world.
  2. Patent formula is kept secret for 20 years, then made public.

  1. Versus trade secret

  1. Trade secret is something that the company makes an effort to keep secret. If the secret ever becomes public, by any means, they�re screwed.
  2. Customer lists are usually trade secrets.

  1. Doctrine of equivalents

  1. What rights do you get?

  1. Make, use, sell, offer to sell, import
  2. Power to exclude others for 20 years, but not a monopoly
  3. No duty to exploit
  4. No global patent: Inventor must apply for patent in individual patent jurisdictions.
  5. License: Promise not to sue if royalties are paid.
  6. Remedies

  1. Damages
  2. Royalty
  3. Lost profits
  4. Injunction

  1. Defenses

  1. Noninfringement
  2. Invalidity

  1. Protection lost through premature disclosure (which may jeopardize patent if filed in foreign jurisdiction first); if applicant isn�t original inventor; or if first patented abroad more than 12 mos ago.

  1. Unclean hands

  1. Trademarks

  1. What is it?

  1. Word, name, sounds, smell, slogan, design, symbol or device

  1. Each can be registered separately, if a logo incorporates more than one type.
  2. Typefaces can�t be trademarked (free speech problem).
  3. Perfume cannot be trademarked (but formula is a trade secret).

  1. Used to identify the source of a good or service.

  1. Cartoon characters, when they identify not only the comic, but also the owner (Mickey Mouse identifies Disney).

  1. Distinctive

  1. Fanciful or arbitrary: Highest protection (Pentium)
  2. Suggestive: Strong protection (Motorola, Oracle, Intel)
  3. Descriptive: Low protection (Sports Illustrated, Windows, Disney, Toys-R-Us). Legal rights not obtained immediately: Use is necessary, and must build up consumer recognition. Category includes surnames, but not whole (first and last) names.

  1. Microsoft uses descriptive marks a lot ("Word", "Internet Explorer"). MS paid $5M for Internet Explorer.

  1. Generic: No protection (PC, escalator, processor). Trademark can loose its protection if it falls into generic category (aspirin). Trademark which is used as a noun is no longer a trademark, as opposed to an adjective, which is a trademark.

  1. Not in the public domain

  1. "You�ve got mail!"

  1. Not already registered

  1. Common law rights are recognized: If you treat something as a trademark, you begin acquiring rights.
  2. Registration is not required, but does provide procedural and litigation advantages.

  1. Established in US by "first use in commerce".
  2. Rest of world uses "first to file."

  1. Acquisition

  1. First to use or file (America & British Colonies). Rest of world is "first to file."

  1. Important for filer to do thorough searches to make sure trademark isn�t preexisting. Including worldwide if that is a potential issue. Not only a TPO search, but search on the web and company use, to make sure that it isn�t an unregistered mark which will succeed because of first use.
  2. Filing takes 1.5 yrs in US, 5-7 yrs in Italy and Japan

  1. Notice: TM means that the user is claiming mark as a trademark. (r) means that the mark has been registered. Neither TM nor R is required.

  1. Infringement

  1. Lanham Act: Consumer confusion in commerce

  1. must own trademark (used in commerce); either registered or unregistered.
  2. using mark in commerce
  3. Likelihood of confusion

  1. Distinctiveness
  2. Similarity: Sight, sound, meaning (Sol/Sun)
  3. Relatedness of products
  4. "Bridging the gap" between products
  5. Similarity of channels
  6. Buyer care and sophistication
  7. Actual confusion

  1. Two companies with same name is fine, so long as in different industries

  1. Intent of junior mark to benefit from senior mark

  1. Dilution

  1. Infringed mark must be a famous one before junior mark use begins.
  2. Junior mark begins after mark is famous
  3. Dilution of the "distinctive qualify" of the famous mark � no confusion required
  4. Injunctive relief only unless willful defendant.

  1. Liability can be either direct, contributory or vicarious (similar to copyright).

  1. Defenses

  1. Attaches
  2. ...
  3. Fair use (15 USC 1125)

  1. Types

  1. Use other than as a mark (15 USC 1115)

  1. Playboy v. Welles: Use of "Playmate" (Playboy TM) was fair because Welles was indeed the playmate of the year.

  1. Comparative advertising (other countries contra)
  2. Noncommercial use
  3. News reporting and commentary

  1. Including consumer criticism (i.e.

  1. Parody: Must be used to make fun of TM, not TP.
  2. Caching, unless unauthorized.

  1. Classic: Use is merely descriptive of defendant�s product.
  2. Nominative: Minimal necessary use made of plaintiff�s mark to fairly describe, but not endorse, defendant�s product.

  1. Use name, but not logo.
  2. "Windows for Dummies" is ok.
  3. If infringer does endorse, it�s false advertising.

  1. Commercialization: TM requires use in commerce. Registering a domain name TM, but not using it for commercial use, in order to domain name squat, restricts or prevents the ability of commercial TM owner to engage in commerce, and therefore falls under TM jurisdiction. Court looks for even a minimal connection with commerce. Includes misspelled domain names.

  1. Special technical issues

  1. Domain names

  1. Conflict between TM and domain names: TM�s allow multiple companies without likelihood of confusion to use the same name (Delta Airlines & Delta Faucets), and even more possibilities internationally. But internet only allows one second level domain (
  2. Contracts vis-a-vis hosting agreements: Ability to switch hosts while retaining domain name.
  3. Rights of publicity
  4. Cybersquatter

  1. Panavision v. Toeppen: D registered many TMs as domain names, tried to sell them to TM owners. Court held that intentional registration of TM domain name is use of domain name as TM, and actionable. "Effects" jurisdictional test means that D is subject to foreign jurisdiction when D directs his actions at jurisdiction.
  2. Avery v. Sumpton: net vs. com TLD isn�t a factor for TM infringement.

  1. Reverse domain name hijacking (innocent registration of name)

  1. Avery v. Sumpton (and Ty case): TM owner prevailed over innocent domain name owner.
  2. If your last name conflicts with a TM, TM owner wins because they can out-litigate the average person, and last name person can be required to put a disclaimer on web site. Last name owner may have a fair use defense (non-commercial use), but can�t afford the attorney fees.

  1. Conflicts between trademark owners: First of multiple trademark owners gets the domain.

  1. Brookfield v. West Coast Entertainment

  1. Linking

  1. Linking party may be subject to contributory or vicarious liability based on infringing temporary copy created on visitor�s screen memory. Lanham Act would apply if consumer confusion about origin of a site or was unfair or deceptive. Potential fair use defenses, though.

  1. Expansion of TLD�s

  1. ICCAN will eventually take over registration
  2. NSI will continue to run the database until 9/00, but ICCAN will then probably take it over.
  3. TPs can now register domains (i.e.
  4. Country TLD�s are on their own.

  1. Strategy

  1. Domain name registrants should conduct a broad trademark search and consider international issues.
  2. TM owners should consider what TLDs to register in, whether to use demand letters (which will likely be made public by D and therefore bad publicity) vs. lawsuits, jurisdictional issues, fans of entertainment stars, settlement strategy.

  1. Remedies

  1. NSI complaint (registered trademarks only, not common law trademarks)

  1. Domain name must be identical to TM.
  2. If domain name owner also owns TM (in any jurisdiction?), he can keep it.
  3. If domain name owner doesn�t own TM, he�s SOL, and domain name is removed from the internet ("hold").
  4. Lawsuit in "competent jurisdiction" between parties (not NSI) freezes the status quo

  1. Trademark infringement litigation
  2. Dilution

  1. Don�t have to show likelihood of confusion � only that P is owner of famous trademark, and D is using trademark in a way that diminishes or blurs P�s image.

  1. Hasbro v. Internet Entertainment Group
  2. Toys-R-Us v. Akkaoui (adults-r-us), but see Toys-R-Us v. Feinberg (saying there was no likelihood of confusion or dilution with guns-r-us).
  3. Snap-On Tools v. C/Net
  4. Fry�s
  5. Defenses: Fair use, noncommercial use, and all forms of news reporting and news commentary.

  1. Defenses

  1. Domain name misuse: Federal grant of limited monopoly power (TM), misused ...?? (979 F. Supp. 684)

  1. Linking

  1. Is it deceptive?
  2. Don�t bypass homepage
  3. Don�t use logos without permission
  4. Fair use
  5. Implied license: If they didn�t want people linking, why do they have a web site?

  1. Meta tags and spider issues

  1. Case settlements involving disclaimers: Disclaimers should be posted as a GIF image because spiders will index text disclaimers.
  2. Playboy lost when suing a former playgirl, because there was no deception, and in fact it was fair for her to advertise that she was a former playmate. Fair use defense.
Sweepstakes & Contests

  1. Types of promotions

  1. Giveaway

  1. How many prizes is sponsor prepared to give away? If very few in comparison to number of entrants, it could be a sweepstakes because there could be a race to win.
  2. Limit offer until date, or while supplies last, allow 6-8 weeks for delivery (required by FTC, else 30 days is default).

  1. Sweepstakes

  1. Game of chance (random drawing)
  2. Prize

  1. Is it appropriate for the target audience?
  2. Geographic/age limits?
  3. Is use of the prize fair use? Descriptive use is probably ok, but using prepared logo is crossing the line.
  4. Depending on value of prize, registration with government may be necessary, else contest is void to participants in that state, even if contest isn�t based in that state.
  5. Can�t be alcohol, guns, ammo.

  1. Minimize consideration (including nonmonitary, such as time) � otherwise it could be a private lottery, even if it only costs a buck.

  1. No purchase necessary
  2. Alternative method of entry

  1. Precise rules re: method of entry (i.e. number 10 envelope) can disqualify entrants who fail to follow published rules.

  1. Contest

  1. Game of skill.
  2. Minimize chance: Winner selected based on qualification or skill, with fair and impartial qualified judging.
  3. Focus on consideration (including nonmonitary) and prize
  4. State may require registration, else contest is void to participants in that state, even if contest isn�t based in that state.
  5. Prize cannot be alcohol, guns, ammo.

  1. State lottery (private lottery prohibited)

  1. Prize
  2. Chance
  3. Consideration

  1. Laws

  1. International
  2. Federal

  1. Including USPS
  2. Lanham Act
  3. FTC

  1. State

  1. Some states require bond if prize above a certain amount; application; winner�s lists; alternative method of entry; advertising requirements, etc. NY & FL are especially harsh.
  2. More regulation apply when consideration (including nonmonitary) required; depending on where advertised; and with sensitive demographics (children, seniors).

  1. Children�s Online Privacy Act

  1. Other considerations

  1. Publicity release
  2. Can�t change the rules once they�re drafted, because they are a contract.
  3. Exposure

  1. What happens if web site crashes during the event
  2. Not following your own rules
  3. Failure to secure prize
  4. Failure to register
  5. Unfair competition laws
  6. Liability issues

  1. Technology

  1. Downloads are treated just like a CD � "digital phonorecord delivery" aka "reproduction"
  2. Streaming is treated as a "performance" � like playing a song on the radio.

  1. Copyright law aspects

  1. Copyright Act of 1976, as amended

  1. Audio Home Recording Act (1992)
  2. Digital Performance Rights in Sound Recordings Act (1995)
  3. Digital Millenium Copyright Act (1998)

  1. Recorded song consists of two separate copyrights, licenses to both are required

  1. Musical Works (artist owns)

  1. Mechanical rights

  1. "Ephemeral recordings" such as those in cache or RAM are subject to licensing.
  2. Managed by Harry Fox

  1. Performance rights (playing the song over the radio) � requires a license and royalties of $0.071 to singer or his agency.

  1. Are downloads a performance in addition to a reproduction? Are streamed songs reproduced in addition to being performed?
  2. Managed by ASCAP, BMI

  1. Sound Recordings (record company owns)

  1. Mechanical rights: Compulsory license
  2. Performance rights in certain digital audio transmissions (only).

  1. Rights were created by Digital Performance Right in Sound Recordings Act of 1995. Designed to protect against disruption of CD sales.

  1. Interactive services (jukebox-style) require licenses from sound recording copyright owner.
  2. Subscription service has an available statutory (compulsory) license (6.5% of gross revenues).
  3. Non-interactive, non-subscription service is in debate.

  1. Digital Millenium Copyright Act: Webcasters are subject to performance rights, and record companies can prevent most online uses of their recordings.

  1. License is required for a TP to copy, distribute, publicly perform, publicly display, or adapt a work, unless:

  1. Fair use
  2. First sale doctrine applies (first buyer can sell his copy of the recording)
  3. Compulsory license available

  1. Common law privacy

  1. Appropriation of a name or likeness for commercial benefit (publicity)
  2. Unreasonable intrusion/intentional interference with interest in solitude or seclusion
  3. Public disclosure of private facts
  4. Publicity which places person in false light
Evolving Regulatory Framework

  1. Enforcement Agencies

  1. Federal Trade Commission

  1. GeoCities: Got in trouble for collecting information from children without adequate warnings. FTC imposed a 20 year order requiring that GeoCities comply with certain notice and privacy requirements.
  2. Asked kids all sorts of financial information about their parents, offering prizes but not delivering. FTC prohibited them from taking any information without parent permission, adequate notice, etc.
  3. FTC action usually results in bad publicity.
  4. Future FTC requirements
  5. Notice
  6. Choice
  7. Security
  8. Access

  1. Department of Commerce
  2. Federal Communications Commission
  3. State Agencies

  1. Statutes that are "in the works"

  1. Electronic Rights for the 21st Century Act (S. 854)
  2. Online Privacy Protection Act of 1999 (S. 809)
  3. Accompanied by safe harbor protections guarantying insulation from liability for OSPs which comply, to encourage self-regulation.
  4. Special categories of people are targets for protection: Children and seniors.
  5. California also has several medical records and a child privacy protection acts in the works.
EU Directive on Personal Data Protection  Effective Oct 25, 1998 Govern flow of consumer data within EU and to non-EU countries (such as US). Right of information to know to whom their information is disclosed and for what purpose Right of access to their information Right of rectification Right to opt out Special protection for sensitive data (race, gender, ethnicity, political affiliation, religion, sexuality, etc.) Country-by-Country implementation  Statutory privacy

  1. Constitutional (4th): Protects person�s subjective, yet objectively reasonable, expectation of privacy, from government agency. Usually applies when government acts without a warrant or other permissible means.

  1. EU says privacy is a fundamental right.

  1. California Constitution: Express, inalienable right.

  1. Requires showing of:

  1. Legally protectable privacy right
  2. Reasonable expectation of privacy under the circumstances
  3. Serious invasion of privacy

  1. Not limited to government conduct � it also applies to private businesses
  2. Includes electronic data
  3. Rights may be waived

  1. Electronic Communications Privacy Act (18 USC 2510, et. seq.)

  1. Title I: Interception of data (doesn�t include analog phone conversation, but would include voice over IP). Makes it a felony to intercept e-mail in transit. Practically, intercepting e-mail in transit is very difficult because of TCP/IP packeting. Requires warrant for law enforcement agencies.
  2. Title II: Stored communications

  1. McVeigh v. Cohen: Military had AOL pull up McVeigh�s e-mail history to prove McVeigh was gay in order to discharge him. That was held to be a violation of the ECPA, because it was a warrantless search.

  1. Computer Fraud and Abuse Act

  1. Knowing access of a computer, or exceeding authorized access
  2. Protects only financial records, medical records, and a few other types of records.

  1. Fair Credit Reporting Act

  1. Prohibits disclosure of credit file (i.e. credit history, employment)
  2. Excludes credit-header information, such as name, birth date, SSN, current and former address, and phone number.

  1. Electronic Funds Transfer Act
  2. Child Online Privacy Protection Act (regulates what types of information is collected from children w/o parent consent) & FTC Proposed Rulemaking Regarding Regulations Implementing COPPA
  3. Applies to sites targeted at children and sites knowingly collecting information from children
  4. Collecting personally identifiable information from children under 13 is restricted
  5. Verifiable parental consent is required (how???)
  6. Notice provisions regarding use and disclosure of information required
  7. Collection of information cannot be a condition of participation
  8. Reasonable security procedures must be adopted
  9. OECD Principles (treaty)

  1. When to collect data
  2. Quality of data
  3. Purpose & use limitations
  4. Reasonable security measures
  5. Accountability
Technological issues

  1. E-mail at work is not private. No reasonable expectation of privacy; not highly intrusive.
  2. Spamming: OSPs can block without First Amendment issue because OSP not state actor. Tort claim against spammer based on common law trespass is possible. California statutes (B&P 17511.1, 17538.45, PC 502) regulate spamming.
  3. Personally identifiable information

  1. Cookies
  2. Browser and computer information available to sites

  1. Medical information: Special and additional protections regarding medical information and medical records, both physical records and electronic records.

  1. Right to sue
  2. Special categories: Children and seniors
  3. Federal pre-emption
  4. Personal access
  5. Commercial access
  6. State access
  7. Privacy policy
  8. Very difficult to amend
  9. Beware of absolute guarantees of privacy, due to hackers and bad employees.

  1. Goal of encryption

  1. Authentication
  2. Message integrity
  3. Nonrepudiation

  1. Digital signature: Create a checksum ("hash") for a message.
  2. Controlled for functionality, not just technology

  1. BXA defines encryption very broadly, possibly including software which interfaces with encryption software.
  2. But you could print out the algorithm, and export that print-out. Couldn�t export an electronic version of that print-out.

  1. Encryption software has to be reviewed by BXA (Bureau of Export Administration; before export.
  2. Exceptions to restrictions

  1. Financial networks
  2. < 56-bit encryption
  3. Insurance networks
  4. Medical/health sectors (reporting required)
  5. On-line merchants and their customers in certain countries (reporting required)
  6. "Recoverable" encryption of any length
  7. Certain consumer items, such as DVD, TV, phone
  8. U.S. subsidiaries

  1. Bernstein: Prohibition of publishing source code for encryption is an impermissible prior restraint on speech. ITC, source code = expression.
Export Compliance

  1. Background

  1. Department of Commerce oversees export of products that could be used in the military
  2. Administered through Bureau of Export Administration
  3. Pursuant to Export Administration Regulations

  1. All items being exported are subject to these rules, except for:

  1. Publicly available software except encryption
  2. Items subject to exclusive jurisdiction of federal department or agency
  3. Publications that are artistic in nature

  1. Required information

  1. What is the item?

  1. Category: Computers, Telecommunications, etc.
  2. Product group: Equipment, software, technology, etc.
  3. Types of controls: National security, nuclear nonproliferation, etc.
  4. Type of item self-defines Export Classification Control Number, which is cross-referenced with nation chart, which tells you if it can be shipped to that country. ECCN defines reasons for control.

  1. Where is it going?

  1. Embargoed countries: Sudan, Syria, Iran, Cuba, North Korea, Libya, Iraq.
  2. Posting products on the Internet is an export unless access control is implemented, so that exports don�t go to embargoed countries.

  1. Who will receive it?
  2. What will they use it for?
  3. What else does the end user do?

  1. Options when export is restricted

  1. License exceptions (i.e. taking your laptop PC abroad with you on a trip)
  2. License to export
  3. Other applications

  1. Compliance

  1. Each party agrees it will comply with all US export control laws, etc.

  1. Import/export for copyrights: There is an old law on the books which prohibits import of copyrighted things without original owner�s permission.

  1. Security

  1. Confidentiality
  2. Authentication

  1. Contractual issues: Does it count as a signature?
  2. Evidentiary issues: Admissible as evidence?
  3. Liability / Risk allocation
  4. Legislation

  1. ABA Digital Signatures Guidelines (highly regulatory)
  2. Uniform Electronic Transactions Act (UETA; minimalist and market-driven)
  3. See for more information.

  1. Business models

  1. Within corporate entity

  1. Complete control
  2. Branding
  3. Unlimited liability
  4. Internal competition (traditional store vs. e-store)

  1. Toys-R-Us was hesitant to do e-store because they would loose impulse buying (about $43/person).

  1. Jurisdiction
  2. Undervalue (i.e. they don�t get to ISP)
  3. Missing the attraction of the ".com" name, and therefore less competitive for technical employees.
  4. Simplicity

  1. 100% subsidiary

  1. Limited liability

  1. Joint venture

  1. License branding & license of trademark: Potential loss of control.
  2. Employee incentives (stock options)
  3. Focus on the product
  4. Profits stay within the JV
  5. Allows companies, each of which have one piece of the puzzle, to get together.

  1. Consumer protection (CA B&P code)

  1. Vendor must disclose return & refund policy, legal name of business, and street address.

  1. Co-branding

  1. Why?  Because it's cost effective to leverage resources.
  2. XYZ art exhibit "made possible with support from Philip Morris"
  3. Private label deal:  XYZ makes the product, but ABC puts its label on it.   Primarily a trademark license.
  4. On the �net, co-branding requires incredible amounts of details.
  5. Quality control
  6. Policing marks resulting in abandoning the mark
  7. Control over content of which pages
  8. K

  1. Noncompetition clause must be very specific
  2. Exclusivity clause (although usually not site-wide)
  3. How the money changes hands, and on what basis

  1. UCC Article 2B / UCITA

  1. Scope

  1. Computer information transactions: Modify, transfer or license computer information.

  1. Information in electronic form (not printed form)
  2. Includes documentation or packaging associated with that computer information.
  3. If information is included as part of primary goods, this section applies only if primary goods are a computer or peripheral or information is a material purpose of transaction.

  1. Access K�s: Obtain electronic access to, or information from, an information processing system of another person, or equivalent of such access. Authorizes access to electronic facility, including internet site, or obtaining information from that type of facility.

  1. May be between OSPs, or between user/OSPs.

  1. Excludes

  1. Financial service transactions
  2. K�s related to audio or visual broadcasts
  3. Compulsory license
  4. Employment K�s other than contractor agreements

  1. Does not alter

  1. Consumer law
  2. Electronic self help
  3. Electronic error
  4. Unconscionability or public policy
  5. Good faith in mass-market transactions (retail type transactions directed at general public).

  1. Purchaser subject to mass-market license without being able to see it before purchase is entitled to a refund, reimbursement of expenses incurred in complying with refund instructions, and compensation for costs of restoring licensee'� system.

  1. Parol evidence rules

  1. Affirmative action required on the part of the consumer in order to return merchandize to reject terms is the trade off for the convenience of buying on-line.

  1. Shrinkwrap: Really should be on the outside of the product, so that people can enter into the K aware of the terms, before purchase. But courts have held shrinkwrap licenses to be enforceable, and that the UCC does not require money now, terms later. Buy now, terms later K�s are enforced routinely in air tickets and insurance. Clickwrap is better because you can make the license available before the K is consummated.
  2. ProCD v. Zeidenberg
  3. Hill v. Gateway
  4. Brower v. Gateway
  5. Mortenson v. Timberline Software Corporation
  6. Authentication
  7. Record will not be denied legal effect solely because it is in electronic form.
  8. Person using electronic agent is bound by agent�s operations.
  9. Occurs when party "signs" a record with intent to identify that person, or adopt or accept terms of a record.
  10. Manifestation of assent ("acceptance")
  11. Occurs if person/agent authenticates the record;
  12. Engages in conduct or statements knowing that other person will infer assent; or
  13. Engages in operations that clearly indicate acceptance.

  1. Attribution

  1. Verification of author, usually using encryption
  2. Process must be commercially reasonable in light of procedure and circumstances
  3. Once party is attributed, attributed party is bound unless actor did not have authority of attributed party. Even then, attributed party still liable for losses if attributed party failed to exercise reasonable care, and relying party exercised reasonable care.
  4. Consumer cannot waive these rules.

  1. Electronic error does not bind consumer if consumer promptly notifies other party upon notice of error, and has not used or received benefit from error.
  2. Electronic messages are effective when received, even if no individual is aware of receipt. Receipt of confirming message is proof of receipt.

  1. United Nations Convention on International Sale of Goods: When dealing international, almost all K�s disclaim this. If they don�t, they are subject to it, and it is very confusing.
  2. Uniform Electronic Transactions Act (UETA)

  1. UETA defers to UCITA.
  2. UETA is a procedural act, providing means to effect electronic transactions.

  1. Contracts

  1. Venue provision should be exclusive
  2. Arbitration clause

  1. Economic liability can be disclaimed in user agreements, and between businesses.

  1. Defamation

  1. Publisher/distributor differentiation not important, because:
  2. OSPs have no liability for (CDA �231c safeharbor)
  3. Dissemination of information others created
  4. Failure to edit, withhold or restrict access
  5. Editing, withholding or restricting access, in good faith
  6. Unless
  7. Notice and failure to act
  8. Active editorial role (Prodigy)

  1. Obscenity

  1. CDA (Communication�s Decency Act)

  1. Attempt to protect minors (under 18) from harmful internet content.
  2. Unenforceable (Reno v. ACLU) because it was too vague.
  3. �230(c): Safeharbor exception. Applies to ISPs and OSPs, and says they are not liable as publisher/distributor for content provided by TP. BUT this only applies to defamation, not obscenity (the statute excludes obscenity), but still raise it in the test.

  1. COPA (Child Online Protection Act)

  1. Congress tried to use very specific language to overcome the vagueness problem of CDA, but 2/99 federal court enjoined enforcement as unconstitutional violation of First Amendment.

  1. Attempt to protect minors (under 17) from harmful internet content.

  1. COPA requires OSPs to restrict access, but using credit card access is an affirmative defense (although questionable how practical and effective this is, especially for nonprofit OSPs).

  1. Bottom line: The only things which are prohibited on the �net are child pornography and obscenity.

  1. No safeharbor exceptions.
  2. What is the "community standard" for the obscenity test? No one knows.

  1. Regulation & Jurisdiction

  1. Levels of regulation

  1. Local (city/state/federal)

  1. "First Amendment is a local ordinance." (anon.)

  1. Majority of the world does not recognize freedom of speech

  1. Enforcement of local laws may have international ramifications (CompuServe manager indicted in Germany based on their local laws re: Nazi content � resulted in worldwide ban of several hundred newsgroups).

  1. "When Bavaria wrinkles its nose, must the whole world catch a cold." (The Economist)

  1. Foreign

  1. Select territory which has favorable laws to establish business. Gambling web sites aren�t hosted in California � they�re located in countries where that is legal.
  2. Countries want to draw businesses to their locality so that they can eventually impose taxes, therefore countries want to create laws that are friendly to internet businesses. Most countries aren�t taxing right now to encourages establishment of net businesses.

  1. Jurisdiction

  1. Ability to make a law
  2. Ability to hear a case
  3. Ability to enforce a law

  1. Germany getting pissed at a website located in Australia; no enforcement so long as Australian doesn�t go to Germany.
  2. California judge can�t issue a search warrant to confiscate child porn on an Australian computer. Australia won�t recognize it.
  3. If foreign company has assets in America, American court can threaten those assets.

  1. Social codes of conduct (�netiquette�)
  2. Transnational internet law in the future? Difficult to establish.
  3. Technical standards (Internic, etc.)
  4. Industry consortium
  5. Owner-defined rules (person who creates the software makes the rules)
  6. Religious laws (Jewish deletion of the word "god" from a computer)

  1. Test in U.S.

  1. Choice of law clause; or
  2. Presence in the jurisdiction; or
  3. Minimum contacts (traditional) / Due Process

  1. Long arm statute of the jurisdiction in question, plus due process protections.
  2. Location of defendant�s server can give jurisdiction.

  1. Active/Passive website (Zippo)

  1. Passive website (providing information) not actionable, unless causes harm to people in the jurisdiction (emerging view).
  2. Active, interactive, commercial website is actionable wherever it can be viewed from.

  1. Judgements

  1. Foreign judgements are fairly easily enforced in the US, unless the decision would violate the First Amendment or other public policy.
  2. Ways to protect yourself:

  1. Forum selection clauses
  2. Choice of law clause
  3. Forming subsidiary, but have to be careful because of piercing the corporate veil liability.
  4. Liability insurance with foreign coverage

Popular posts from this blog

power elite vs pluralist explanation models

big 4 vs. law firm comparison from an industry perspective

california bar exam primer