Justia Internet Law Opinion Summaries

An underage user of the Grindr application, John Doe, filed a lawsuit against Grindr Inc. and Grindr LLC, alleging that the app facilitated his sexual exploitation by adult men. Doe claimed that Grindr's design and operation allowed him to be matched with adults despite being a minor, leading to his rape by four men, three of whom were later convicted. Doe's lawsuit included state law claims for defective design, defective manufacturing, negligence, failure to warn, and negligent misrepresentation, as well as a federal claim under the Trafficking Victims Protection Reauthorization Act (TVPRA).The United States District Court for the Central District of California dismissed Doe's claims, ruling that Section 230 of the Communications Decency Act (CDA) provided Grindr with immunity from liability for the state law claims. The court also found that Doe failed to state a plausible claim under the TVPRA, as he did not sufficiently allege that Grindr knowingly participated in or benefitted from sex trafficking.The United States Court of Appeals for the Ninth Circuit reviewed the case and affirmed the district court's dismissal. The Ninth Circuit held that Section 230 barred Doe's state law claims because they implicated Grindr's role as a publisher of third-party content. The court also agreed that Doe failed to state a plausible TVPRA claim, as he did not allege that Grindr had actual knowledge of or actively participated in sex trafficking. Consequently, Doe could not invoke the statutory exception to Section 230 immunity under the Allow States and Victims to Fight Online Sex Trafficking Act of 2018. The Ninth Circuit affirmed the district court's dismissal of Doe's claims in their entirety. View "DOE V. GRINDR INC." on Justia Law

The plaintiff filed a complaint against the defendant, alleging that he made and retained an unauthorized copy of her computer hard drive, which contained private and confidential data. The complaint included a claim for violation of Penal Code section 502, which prohibits unauthorized use of any computer system for an improper purpose. The plaintiff sought damages and attorney fees.In the Superior Court of San Diego County, a civil jury trial was held, and the jury found in favor of the defendant on all of the plaintiff's causes of action. The trial court entered judgment for the defendant. Subsequently, the defendant filed a motion for attorney fees and costs under section 502, subdivision (e). The trial court granted the defendant's costs but denied his request for attorney fees, concluding that section 502 does not permit an award of fees to prevailing defendants and that, even if it did, it would be unreasonable to award fees in this case because there was no evidence that the plaintiff's claim was frivolous or abusive.The defendant appealed the order to the Court of Appeal, Fourth Appellate District, Division One, State of California. The appellate court agreed with the defendant that section 502 allows the award of attorney fees to prevailing defendants. However, the court concluded that section 502 defendants may only recover attorney fees where the plaintiff's claim was objectively without foundation when brought, or the plaintiff continued to litigate after it clearly became so. The appellate court found that the trial court acted within its discretion in finding that the plaintiff's claim was not frivolous or abusive and affirmed the order denying attorney fees. View "Hay v. Marinkovich" on Justia Law

Ann Jones filed lawsuits against Bloomingdales.com, LLC, and Papa John's International, Inc., alleging that their websites used "session replay" technology to record her electronic communications, including mouse movements, clicks, and keystrokes, without her knowledge. She claimed this technology invaded her privacy by creating a detailed record of her website visits, which could be used for targeted advertisements and website improvements.In the Eastern District of Missouri, the district court dismissed Jones's complaint against Bloomingdales for lack of subject-matter jurisdiction, citing a lack of concrete injury as she did not allege the capture of sensitive information. In the case against Papa John's, the district court dismissed the complaint for lack of personal jurisdiction. Jones appealed both dismissals.The United States Court of Appeals for the Eighth Circuit reviewed the cases and consolidated them for oral argument. The court held that Jones did not plausibly allege a concrete injury in either case, affirming the lower courts' judgments. The court noted that Jones's allegations did not demonstrate that the session-replay technology captured any private or sensitive information, such as social security numbers, medical history, or financial details. The court compared the situation to a security camera in a physical store, where customers do not have a reasonable expectation of privacy regarding their general movements.The Eighth Circuit concluded that Jones lacked standing to sue because her allegations did not show a concrete harm to her privacy. The court emphasized that merely asserting an invasion of privacy without supporting facts is insufficient to establish standing. Therefore, the court affirmed the dismissals of both cases. View "Jones v. Bloomingdales.com, LLC" on Justia Law

C.H., an eleven-year-old, was sexually exploited by a stranger on Omegle.com, an online platform that connects users in video chatrooms. The stranger, referred to as John Doe, threatened C.H. into creating child pornography. C.H.'s parents sued Omegle.com LLC, alleging violations of 18 U.S.C. § 2255 (Masha’s Law) for knowingly possessing child pornography and the Trafficking Victims Protection Reauthorization Act for knowingly benefiting from a sex trafficking venture.The United States District Court for the Middle District of Florida dismissed the claims, citing section 230 of the Communications Decency Act, which protects providers of interactive computer services from being treated as the publisher or speaker of user-provided information. The court also found that the sex trafficking claim did not meet the Fight Online Sex Trafficking Act (FOSTA) exception to section 230 because C.H.'s parents did not allege that Omegle.com had actual knowledge of benefiting from sex trafficking.The United States Court of Appeals for the Eleventh Circuit reviewed the case. The court held that C.H.'s parents did not state a claim under Masha’s Law because they failed to allege that Omegle.com knowingly possessed or accessed child pornography. The court also held that the FOSTA exception to section 230 requires actual knowledge of sex trafficking, not just constructive knowledge. Since C.H.'s parents did not plausibly allege that Omegle.com had actual knowledge of the sex trafficking incident involving C.H., the court affirmed the district court's dismissal of the claims. View "M.H., et al. v. Omegle.com LLC" on Justia Law

The case involves six plaintiffs who are users of Tornado Cash, a cryptocurrency mixing service that uses immutable smart contracts to anonymize transactions. Tornado Cash was sanctioned by the Office of Foreign Assets Control (OFAC) under the International Emergency Economic Powers Act (IEEPA) for allegedly facilitating money laundering for malicious actors, including North Korea. The plaintiffs argued that OFAC exceeded its statutory authority by designating Tornado Cash as a Specially Designated National (SDN) and blocking its smart contracts.The United States District Court for the Western District of Texas granted summary judgment in favor of the Department of the Treasury, finding that Tornado Cash is an entity that can be sanctioned, that its smart contracts constitute property, and that the Tornado Cash DAO has an interest in these smart contracts. The plaintiffs appealed this decision.The United States Court of Appeals for the Fifth Circuit reviewed the case and focused on whether the immutable smart contracts could be considered "property" under IEEPA. The court concluded that these smart contracts are not property because they are not capable of being owned, controlled, or altered by anyone, including their creators. The court emphasized that property, by definition, must be ownable, and the immutable smart contracts do not meet this criterion. Consequently, the court held that OFAC exceeded its statutory authority by sanctioning Tornado Cash's immutable smart contracts.The Fifth Circuit reversed the district court's decision and remanded the case with instructions to grant the plaintiffs' motion for partial summary judgment based on the Administrative Procedure Act. The court did not address whether Tornado Cash qualifies as an entity or whether it has an interest in the smart contracts, as the determination that the smart contracts are not property was dispositive. View "Van Loon v. Department of the Treasury" on Justia Law

Shymikka Griggs filed a data-breach action against NHS Management, LLC, a consulting firm providing management services for nursing homes and physical-rehabilitation facilities. NHS collects sensitive personal and health information from employees, patients, and vendors. In May 2021, NHS discovered a cyberattack on its network, which lasted 80 days. NHS notified affected individuals, including Griggs, in March 2022. Griggs, a former NHS employee, claimed her personal information was found on the dark web, leading to credit issues, spam communications, and fraudulent activities.Griggs initially filed a class-action complaint in the United States District Court for the Northern District of Alabama but later dismissed it. She then filed a class-action complaint in the Jefferson Circuit Court in June 2023, alleging negligence, negligence per se, breach of contract, invasion of privacy, unjust enrichment, breach of confidence, breach of fiduciary duty, and violation of the Alabama Deceptive Trade Practices Act. NHS moved to dismiss the complaint, arguing lack of standing and failure to state a claim. The Jefferson Circuit Court dismissed Griggs's complaint with prejudice.The Supreme Court of Alabama reviewed the case and affirmed the circuit court's judgment. The court held that Griggs failed to sufficiently plead her claims. Specifically, she did not demonstrate that NHS owed her a duty under Alabama law, failed to establish proximate cause for her negligence per se claim, did not allege intentional conduct for her invasion-of-privacy claim, and did not show that she conferred a benefit on NHS for her unjust-enrichment claim. Additionally, the court found that breach of confidence is not a recognized cause of action in Alabama and that Griggs did not establish a fiduciary relationship between her and NHS. View "Griggs v. NHS Management, LLC" on Justia Law

A group of major record labels sued Grande Communications Networks, LLC, an internet service provider, for contributory copyright infringement. The plaintiffs alleged that Grande knowingly provided internet services to subscribers who used them to infringe on the plaintiffs' copyrighted works. The plaintiffs presented evidence that Grande received over 1.3 million infringement notices from Rightscorp, a company that identifies infringing activity on peer-to-peer networks, but Grande did not terminate or take action against repeat infringers. Instead, Grande continued to provide internet services to these subscribers, despite knowing about their infringing activities.The United States District Court for the Western District of Texas held a three-week jury trial. The jury found Grande liable for willful contributory copyright infringement and awarded the plaintiffs $46,766,200 in statutory damages. Grande moved for judgment as a matter of law (JMOL) on the issue of liability and for a new trial on damages, but the district court denied these motions. Grande then appealed, challenging the district court's rulings on its JMOL motion, the jury instructions, and the final judgment. The plaintiffs filed a conditional cross-appeal regarding a jury instruction.The United States Court of Appeals for the Fifth Circuit reviewed the case and upheld the jury's verdict, finding that the plaintiffs had provided sufficient evidence to support the jury's finding of contributory copyright infringement. The court concluded that Grande had knowledge of its subscribers' infringing activities and materially contributed to the infringement by continuing to provide internet services without taking basic measures to prevent further damage. However, the court found that the district court erred in awarding statutory damages for each individual song rather than for each album, as the Copyright Act treats all parts of a compilation as one work for statutory damages purposes. Consequently, the court vacated the damages award and remanded the case for a new trial on damages. The plaintiffs' conditional cross-appeal was dismissed as moot. View "UMG Recordings v. Grande Communications Networks, LLC" on Justia Law

The case involves Okello Chatrie, who was convicted for robbing a credit union in Virginia. The police, unable to identify the suspect from security footage and witness interviews, obtained a geofence warrant to access Google's Location History data. This data revealed that Chatrie's phone was in the vicinity of the bank during the robbery. Chatrie was subsequently indicted and pleaded not guilty, moving to suppress the evidence obtained via the geofence warrant.The district court denied Chatrie's motion to suppress, citing the good-faith exception to the exclusionary rule. Chatrie entered a conditional guilty plea and was sentenced to 141 months' imprisonment and 3 years' supervised release. He appealed, arguing that the geofence warrant violated his Fourth Amendment rights and that the fruits of the warrant should be suppressed.The United States Court of Appeals for the Fourth Circuit affirmed the district court's decision. The court held that Chatrie did not have a reasonable expectation of privacy in the two hours’ worth of Location History data voluntarily exposed to Google. Therefore, the government did not conduct a Fourth Amendment search when it obtained this information from Google. The court rejected Chatrie's argument that the geofence warrant violated his Fourth Amendment rights, stating that he voluntarily exposed his location information to Google by opting into Location History. The court also noted that the information obtained was far less revealing than that obtained in previous cases involving long-term surveillance. View "United States v. Chatrie" on Justia Law

The case involves Robert Haggerty, a first-time offender who was indicted on three counts of receiving a visual depiction of a minor engaging in sexually explicit conduct, as well as one count of possessing such depictions. Haggerty admitted to communicating with undercover detectives posing as underage girls using online messaging platforms. A search of Haggerty's house and truck yielded two tablets containing a total of 97 still images and 9 videos of child sexual abuse material.The District Court applied multiple Guideline enhancements at sentencing, including a five-level enhancement under U.S.S.G. § 2G2.2(b)(7), which provides for a graduated enhancement scheme based on the number of "images" involved in a child-exploitation offense. Haggerty objected to the application of a five-level, number-of-images enhancement, arguing that the Guideline is unambiguous and does not include videos. The District Court overruled Haggerty’s objection and applied the five-level enhancement, calculating a total offense level of 32, which yielded an advisory Guideline range of 121 to 151 months in prison.The United States Court of Appeals for the Third Circuit held that "image," in the moving picture or video context, unambiguously means "frame." Deference to the Commentary’s 75-images rule is therefore unwarranted. Instead, the number of frames comprising a moving picture or video will determine the specific sentencing enhancement that a District Judge must apply. The court vacated the District Court’s sentencing order and remanded for resentencing in a manner consistent with its holding. View "United States v. Haggerty" on Justia Law

The case revolves around a dispute between Stanley Dickson, owner of several businesses, and Conlan Abu, a company that purchased the assets of one of Dickson's businesses, the Epicurean Group. After the sale, the relationship between the parties soured and they attempted to unwind the deal. During this period, Dickson's IT administrator, John Massey, preserved some emails from the accounts associated with the Epicurean Group for potential litigation. Conlan Abu filed a lawsuit alleging that Dickson and his accounting firm violated the Computer Fraud and Abuse Act and the Stored Communications Act by accessing these emails.The district court had previously ruled in favor of Dickson and his associates. It found that Massey, as the IT administrator, did not intentionally act without authorization or exceed his authorization when he accessed the email accounts using his own credentials. The court also found that Massey did not intentionally exceed his authorization under the Act, as he had no reason to know that his conduct was unauthorized.The United States Court of Appeals for the Sixth Circuit affirmed the district court's decision. The court held that Massey did not intentionally access the emails without authorization or exceed his authorization under the Computer Fraud and Abuse Act. The court also found that Massey did not intentionally exceed his authorization under the Stored Communications Act. The court concluded that Conlan Abu failed to show that Massey acted without authorization or intentionally exceeded his authorization, and therefore could not recover under either Act. View "Conlan Abu v. Dickson" on Justia Law