May 3, 2015

avatar

Takedown 2.0: The Trouble with Broad TROs Targeting Non-Party Online Intermediaries

On August 14, a federal district court in Oregon issued an ex parte temporary restraining order (TRO) in a civil copyright infringement case, ABS-CBN v. Ashby. The defendants in the case are accused of operating several “pirate websites” that infringe the plaintiffs’ copyrights in broadcast television programs. In addition to ordering the defendants to stop engaging in infringing conduct, the court ordered unspecified “Internet search engines, Web hosts, domain-name registrars, and domain name registries or their administrators [to] cease facilitating access to any or all domain names and websites through which Defendants engage in the [infringement] of Plaintiffs’ copyrighted works.” The court ordered the domain name registrars that had originally registered the defendants’ domain names to transfer the registrations for the pendency of the litigation to a new registrar chosen by the plaintiffs. It then ordered the new, as-yet-unidentified registrar to divert traffic from the defendants’ sites to a location displaying legal documents from the case. None of the online intermediaries targeted by the order is a named party in the case, and none was represented in court before the TRO issued.

A little over a week before the Oregon court issued its TRO, a federal district court in California issued a TRO in another “pirate website” case involving sites streaming and distributing pre-release copies of “The Expendables 3.” The California court’s order to stop providing services to the defendants was directed broadly to “persons and entities providing any services to or in connection with the domain names <limetorrents.com>, <billionuploads.com>, <hulkfile.eu>, <played.to>, <swankshare.com> and/or <dotsemper.com> or the websites to which any of those domain names resolve.” In addition to domain name registrars and hosting services, the California court’s order swept in “[a]ll banks, savings and loan associations, payment processors or other financial institutions, payment providers, third party processors and advertising service providers of Defendants.” Again, none of the online intermediaries targeted in the order is a named party in the case and none was represented in court before the TRO issued.

The reach of these orders is breathtaking, particularly in light of the non-party status of the targeted intermediaries. [Read more…]

avatar

Google Spain and the “Right to Be Forgotten”

The European Court of Justice (CJEU) has decided the Google Spain case, which involves the “right to be forgotten” on the Internet. The case was brought by Mario Costeja González, a lawyer who, back in 1998, had unpaid debts that resulted in the attachment and public auction of his real estate. Notices of the auctions, including Mr. Costeja’s name, were published in a Spanish newspaper that was later made available online. Google indexed the newspaper’s website, and links to pages containing the announcements appeared in search results when Mr. Costeja’s name was queried. After failing in his effort to have the newspaper publisher remove the announcements from its website, Mr. Costeja asked Google not to return search results relating to the auction. Google refused, and Mr. Costeja filed a complaint with Spanish data protection authorities, the AEPD. In 2010, the AEPD ordered Google to de-index the pages. In the same ruling, the AEPD declined to order the newspaper publisher to take any action concerning the primary content, because the publication of the information by the press was legally justified. In other words, it was legal in the AEPD’s view for the newspaper to publish the information but a violation of privacy law for Google to help people find it. Google appealed the AEPD’s decision, and the appeal was referred by the Spanish court to the CJEU for a decision on whether Google’s publication of the search results violates the EU Data Protection Directive.
[Read more…]

avatar

No Facebook, No Service?

The Idaho Statesman, my sort-of-local newspaper, just announced that it will follow the lead of the Miami Herald and no longer allow readers to post anonymous comments to online stories. Starting September 15, readers who want to make comments will have to login through Facebook. This is the second time I’ve encountered a mandatory Facebook login for users trying to gain access to a third-party service. The first time was when I tried to sign up last year for the music streaming service Spotify. (Spotify now allows users to create an account using an email address, but it didn’t always.)  I’m not a Facebook fan for reasons related to Facebook’s privacy and information practices, but that’s really neither here nor there. The question is whether I should have to be a Facebook user to access services on the Internet that have no natural or necessary connection to Facebook. I’m not talking here about giving users the option to login through Facebook if they want to share their online activities with Facebook friends. I’m talking about conditioning access to a non-Facebook service, or to some aspect of that service, on a user’s having a Facebook account. Internet users are accustomed to dealing with lots of intermediaries, from broadband providers to search engines, to get access to services and information. The Internet is all about mediated transfers of information. I get that. But this strikes me as a troubling new layer of intermediation.

[Read more…]