Justia Internet Law Opinion Summaries

Ung stole cryptocurrencies from multiple victims in 2018, exploiting a common website security feature: A user can prompt a website hosting an account to send a text message to the user’s phone with a security code that temporarily allows access to the account. Ung employed “SIM swapping” in which the thief tricks the victim’s phone carrier into switching the victim’s phone number to a SIM card in the thief’s phone. The thief then prompts the website hosting the victim’s financial account to send a temporary security code to the hijacked phone; the thief accesses the account and transfers the assets.In 2021, Ung pleaded no contest to identity theft, attempted grand theft, and 10 counts of felony grand theft. He admitted a white-collar crime enhancement; he committed three offenses after his bail was revoked. The court imposed a 10-year prison term, entered a general restitution order, and later ordered Ung to make restitution by transferring cryptocurrencies to the victims in the same kinds and amounts he had stolen. Ung argued the order violated his due process rights to notice. He estimates the value of the cryptocurrencies was about $1.56 million when he stole them; the value was about $15.9 million by the time of the restitution hearing.The court of appeal affirmed. Under the statute, the value of stolen property is the replacement cost of like property. By stealing the victims’ cryptocurrency, Ung deprived them of the ability to sell it for a profit after its value increased; whatever profits they lost were a direct consequence of Ung’s conduct. View "People v. Ung" on Justia Law

Skillz provides a mobile platform that hosts games in which players compete for cash prizes. To participate in paid-entry competitions, a user must save the player account; after entering a date of birth, the user must tap a box with the word “Next.” Below the “Next” box is the advisory statement: “By tapping ‘Next,’ I agree to the Terms of Service and the Privacy Policy.” A hyperlink, if tapped, takes the user to Skillz’s terms of service. Gostev saved a Skillz player account in 2019. The Terms of Service then had 15 pages.Gostev sued Skillz, alleging that its games constituted illegal gambling, predatory and unlawful practices, and violated the Unfair Competition Law and the Consumers Legal Remedies Act, Gostev alleged the arbitration agreement was unenforceable. Skillz argued that Gostev’s challenges to the enforceability of the arbitration provision had to be submitted to an arbitrator.The court of appeal affirmed a finding that the arbitration agreement was procedurally and substantively unconscionable. The court noted provisions that a plaintiff’s damages are limited, the arbitration must occur in San Francisco, a plaintiff only has one year to bring his claim, the parties must split the arbitration fees and costs, and the defendant can obtain equitable relief without posting a bond or security. Unconscionability ”permeates the agreement such that severance is unavailable,” View "Gostev v. Skillz Platform, Inc." on Justia Law

A major data breach compromised sensitive consumer information on thousands of credit cards. In this appeal, we address who must pay for the cleanup. Beginning in 2014, hackers compromised credit card data at multiple businesses owned by Landry’s Inc. (“Landry’s”). Many of those cards belonged to Visa and Mastercard. In response, Visa and Mastercard imposed over twenty million dollars in assessments on JPMorgan Chase and its subsidiary Paymentech (collectively, “Chase”), who were responsible for securely processing card purchases at Landry’s properties. Chase then sued Landry’s for indemnification, and Landry’s impleaded Visa and Mastercard. The district court dismissed Landry’s third-party complaints against Visa and Mastercard and granted summary judgment for Chase, finding that Landry’s had a contractual obligation to indemnify Chase. Landry’s argued that it should not have to indemnify Chase because the assessments are not an enforceable form of liquidated damages.   The Fifth Circuit affirmed. The court explained that since Landry’s indemnification obligation stems from its own acts or omissions under the Merchant Agreement, the debt is its own. Further, the court wrote that Landry’s alleged for its deceptive business practices claims that the assessments were “invalid” under the Payment Brand Rules and “applicable law” and, therefore, the Payment Brands’ “imposition and collection of the [assessments] was an unlawful business practice.” Because these claims turn on the assessments’ enforceability under Chase’s contracts with the Payment Brands, they are functionally the same as the subrogated claims. Since Landry’s cannot challenge the Payment Brands over those contracts as Chase’s subrogee, it cannot do so through a change in labeling. View "Paymentech v. Landry's" on Justia Law

Plaintiffs SkyHop Global, LLC, SkyHop Technologies, Inc. (collectively, “SkyHop”) and Defendant company owner and his company Indyzen, Inc. (collectively, “Indyzen”) have developed and deployed digital software aimed at transporting crew members to and from airports across the country. SkyHop has about eighty contracts with fifteen airlines, including major carriers like Delta, American, and United. SkyHop and Indyzen dispute who owns the digital software. And beyond that, they disagree on where their dispute should be decided. Indyzen has filed an arbitration action in California (where it is based), alleging various forms of breach of contract and other promises. Meanwhile, SkyHop has filed a federal lawsuit in Florida (where it is based), alleging that Indyzen violated the federal Computer Fraud and Abuse Act (“CFAA”) and the Florida Computer Abuse and Data Recovery Act (“CADRA”). In response, Indyzen sought to dismiss this action for lack of personal jurisdiction. The district court entered an order dismissing SkyHop’s complaint.   The Eleventh Circuit reversed the district court’s order. The court reasoned that the allegations in SkyHop’s complaint suggest that SkyHop is the rightful owner of the digital software. And because Indyzen has refused to relinquish possession of the digital software without additional payment, SkyHop’s complaint states a cause of action under the CFAA. The complaint therefore satisfies the Florida long-arm statute. And it also meets the requirements of the Due Process Clause because the emails that Indyzen sent into Florida triggered SkyHop’s claims. View "SkyHop Technologies, Inc., et al. v. Praveen Narra, et al." on Justia Law

DirecTV and Dish Network (“Defendants”) provide video services in part through the Internet. The City of Creve Coeur filed this class action in Missouri state court on behalf of local government authorities, seeking a declaratory judgment that Defendants are liable under the Video Services Providers Act (“VSPA”) and implementing local ordinances, plus injunctive relief, an accounting of unpaid fees, and damages. Defendants removed the action based on diversity jurisdiction and the Class Action Fairness Act (CAFA). After the state court entered an interlocutory order declaring that VSPA payments are fees, rather than taxes, DirecTV filed a second notice of removal, arguing this order established the required federal jurisdiction. The district court granted Creve Coeur’s motion to remand.   The Eleventh Circuit affirmed on different grounds. The court explained that the district court’s remand order plainly stated that the remand was based on comity principles as articulated in Levin, not on “state-tax based comity concerns.” Comity as a basis to remand was raised and fully argued in the first remand proceeding. Federal courts have long precluded two bites at this apple. Second, the Supreme Court in Levin emphatically stated that the century-old comity doctrine is not limited to the state-tax-interference concerns that later led Congress to enact the TIA. Third, the state court’s December 2020 Order addressed, preliminarily, only the VSPA fee-or-tax issue under state law. It did not address the broader considerations comity addresses. The state court order in no way overruled or undermined the basis for the district court’s first remand order. Therefore, DirecTV failed to establish the essential basis for a second removal. View "City of Creve Coeur v. DirecTV LLC" on Justia Law

Appellant Shenzhen Stone Network Information Ltd. (“SSN”) appealed the district court’s order granting summary judgment on Appellee Prudential Insurance Company of America’s (“Prudential”) cybersquatting claim. Prudential owns several registered trademarks on the term PRU and other PRU-formative marks. Prudential initiated the underlying action after discovering that SSN had registered the domain name PRU.COM. Prudential alleged that SSN violated the Anti-Cybersquatting Consumer Protection Act (“ACPA”), by registering a domain name identical to Prudential’s distinctive mark with the bad faith intent to profit. The district court determined that SSN could be held liable for cybersquatting because the ACPA is not limited to the initial registration of a domain name but encompasses subsequent re-registrations as well. The district court concluded that SSN possessed the bad faith intent to profit from the disputed domain name and granted Prudential’s motion for summary judgment. On appeal, SSN contests the district court’s ruling that SSN acted in bad faith when registering the disputed domain name.   The Fourth Circuit affirmed, concluding that the totality of the circumstances supports the conclusion that SSN acted in bad faith and that SSN is not entitled to the benefit of the ACPA’s safe harbor provision. The court reasoned that SSN failed to satisfy the statute’s safe harbor provision. First, SSN’s self-serving denials of subjective belief that its use of the PRU.COM domain name was lawful are insufficient to defeat summary judgment absent objective corroboration. Further, SSN did not have reasonable grounds to believe that its registration of the PRU.COM domain name was otherwise lawful. View "The Prudential Insurance Company of America v. Shenzhen Stone Network Information Ltd." on Justia Law

Google’s 093 patent application discloses methods for filtering the results of an internet search query such that only results appropriate for the user (e.g., age-appropriate) are displayed.. According to the disclosed method, each result of a search query is assigned a “content rating class” indicating the suitability of the associated content (e.g., suitable for all ages). The Patent Trial and Appeal Board affirmed an examiner’s rejection of multiple claims of the application, citing 35 U.S.C. 103.The Federal Circuit vacated and remanded for further proceedings. The court rejected arguments that the claims were obvious in light of prior art because those arguments did not reflect the reasoning or findings the Board actually invoked. Although the Board concluded that modifying prior art to take into account query length would have been obvious, there was no discussion of how such a modification would be accomplished. The Board’s expressed reasoning cannot sustain its rejection of the claims. The prior art arguments rest on factual predicates unaddressed by the examiner or Board. View "In Re Google LLC" on Justia Law

Plaintiffs, a class of children, appearing through their guardians ad litem, filed a lawsuit against Google LLC and others, alleging that Google used persistent identifiers to collect data and track their online behavior surreptitiously and without their consent in violation of the Children’s Online Privacy Protection Act (“COPPA”). They pled only state law claims arising under the constitutional, statutory, and common law of California, Colorado, Indiana, Massachusetts, New Jersey, and Tennessee, but also allege Google’s activities violate COPPA. The district court held that the “core allegations” in the third amended complaint were squarely covered, and preempted, by COPPA.   The Ninth Circuit reversed the district court’s dismissal on preemption grounds. The panel considered the question of whether COPPA preempts state law claims based on underlying conduct that also violates COPPA’s regulations. The Supreme Court has identified three different types of preemption—express, conflict, and field. First, express preemption is a question of statutory construction. The panel concluded that COPPA’s preemption clause does not bar state-law causes of action that are parallel to, or proscribe, the same conduct forbidden by, COPPA. Accordingly, express preemption does not apply to the plaintiff class’s claims. Second, even if express preemption is not applicable, preemptive intent may be inferred through conflict preemption principles. The panel held that although express and conflict preemption are analytically distinct inquiries, they effectively collapse into one when the preemption clause uses the term “inconsistent.” For the same reasons that the panel concluded there was no express preemption, the panel concluded that conflict preemption did not bar Plaintiffs’ claims. View "CARA JONES, ET AL V. GOOGLE LLC, ET AL" on Justia Law

YouTube, a video-sharing website, places “advertising restrictions” on certain videos to prevent the user who posted the video from realizing advertising revenues. Network administrators and individual subscribers can also elect to limit user access to YouTube videos using “Restricted Mode.” YouTube considers whether the content involves drugs, alcohol, sex, violence, tragedies, inappropriate language, and whether the content is "gratuitously incendiary, inflammatory, or demeaning towards an individual or group.” YouTube uses an “automated filtering algorithm.” Users whose videos have been restricted or demonetized may request human review. Prager has posted more than 250 YouTube videos and has been prohibited from monetizing over 50 of its videos. In some cases, other users have posted videos identical to Prager’s restricted videos; the copycat videos have not been restricted. Prager claims the restrictions are based on its political identity or viewpoints.After a district court dismissed its federal lawsuit, Prager sued in state court. The court of appeal affirmed the dismissal of the suit, citing immunity under the Communications Decency Act, 47 U.S.C. 230, for interactive computer service providers acting as “publishers or speakers” of content provided by others. The challenged conduct is the exercise of a publisher’s traditional editorial functions, The court rejected arguments that the defendants are themselves information content providers, that their terms of service and public pronouncements subjected them to liability notwithstanding the Act, and that the Act, in immunizing defendants from Prager’s state law claims, is unconstitutional. View "Prager University v. Google LLC" on Justia Law

In a matter of first impression before the Mississippi Supreme Court, the issue presented for review required an interpretation and application of the federal Anticybersquatting Consumer Protection Act (ACPA). 15 U.S.C. § 1125(d). Jonathan Carr registered five domain names that included variations of the identifying marks of the Mississippi Lottery Corporation (MLC). After an unfavorable decision from a national arbitration board, Carr brought a reverse domain name hijacking claim against the MLC, which countersued for cybersquatting. The Mississippi Supreme Court dismissed Carr’s first appeal in this case for lack of a final appealable judgment. Carr appealed the trial judge’s Order Granting and Denying Motions for Injunctive Relief, Order on Motion for New Trial, or In the Alternative, Motion for a Trial By Jury, and Order on Motion for New Trial and/or In the Alternative, to Alter or Amend the Judgment. After a careful review of federal and state law, the Supreme Court affirmed the decisions of the trial court on all issues. View "Carr v. Mississippi Lottery Corporation" on Justia Law