Justia Internet Law Opinion Summaries
Van Loon v. Department of the Treasury
The case involves six plaintiffs who are users of Tornado Cash, a cryptocurrency mixing service that uses immutable smart contracts to anonymize transactions. Tornado Cash was sanctioned by the Office of Foreign Assets Control (OFAC) under the International Emergency Economic Powers Act (IEEPA) for allegedly facilitating money laundering for malicious actors, including North Korea. The plaintiffs argued that OFAC exceeded its statutory authority by designating Tornado Cash as a Specially Designated National (SDN) and blocking its smart contracts.The United States District Court for the Western District of Texas granted summary judgment in favor of the Department of the Treasury, finding that Tornado Cash is an entity that can be sanctioned, that its smart contracts constitute property, and that the Tornado Cash DAO has an interest in these smart contracts. The plaintiffs appealed this decision.The United States Court of Appeals for the Fifth Circuit reviewed the case and focused on whether the immutable smart contracts could be considered "property" under IEEPA. The court concluded that these smart contracts are not property because they are not capable of being owned, controlled, or altered by anyone, including their creators. The court emphasized that property, by definition, must be ownable, and the immutable smart contracts do not meet this criterion. Consequently, the court held that OFAC exceeded its statutory authority by sanctioning Tornado Cash's immutable smart contracts.The Fifth Circuit reversed the district court's decision and remanded the case with instructions to grant the plaintiffs' motion for partial summary judgment based on the Administrative Procedure Act. The court did not address whether Tornado Cash qualifies as an entity or whether it has an interest in the smart contracts, as the determination that the smart contracts are not property was dispositive. View "Van Loon v. Department of the Treasury" on Justia Law
Griggs v. NHS Management, LLC
Shymikka Griggs filed a data-breach action against NHS Management, LLC, a consulting firm providing management services for nursing homes and physical-rehabilitation facilities. NHS collects sensitive personal and health information from employees, patients, and vendors. In May 2021, NHS discovered a cyberattack on its network, which lasted 80 days. NHS notified affected individuals, including Griggs, in March 2022. Griggs, a former NHS employee, claimed her personal information was found on the dark web, leading to credit issues, spam communications, and fraudulent activities.Griggs initially filed a class-action complaint in the United States District Court for the Northern District of Alabama but later dismissed it. She then filed a class-action complaint in the Jefferson Circuit Court in June 2023, alleging negligence, negligence per se, breach of contract, invasion of privacy, unjust enrichment, breach of confidence, breach of fiduciary duty, and violation of the Alabama Deceptive Trade Practices Act. NHS moved to dismiss the complaint, arguing lack of standing and failure to state a claim. The Jefferson Circuit Court dismissed Griggs's complaint with prejudice.The Supreme Court of Alabama reviewed the case and affirmed the circuit court's judgment. The court held that Griggs failed to sufficiently plead her claims. Specifically, she did not demonstrate that NHS owed her a duty under Alabama law, failed to establish proximate cause for her negligence per se claim, did not allege intentional conduct for her invasion-of-privacy claim, and did not show that she conferred a benefit on NHS for her unjust-enrichment claim. Additionally, the court found that breach of confidence is not a recognized cause of action in Alabama and that Griggs did not establish a fiduciary relationship between her and NHS. View "Griggs v. NHS Management, LLC" on Justia Law
UMG Recordings v. Grande Communications Networks, LLC
A group of major record labels sued Grande Communications Networks, LLC, an internet service provider, for contributory copyright infringement. The plaintiffs alleged that Grande knowingly provided internet services to subscribers who used them to infringe on the plaintiffs' copyrighted works. The plaintiffs presented evidence that Grande received over 1.3 million infringement notices from Rightscorp, a company that identifies infringing activity on peer-to-peer networks, but Grande did not terminate or take action against repeat infringers. Instead, Grande continued to provide internet services to these subscribers, despite knowing about their infringing activities.The United States District Court for the Western District of Texas held a three-week jury trial. The jury found Grande liable for willful contributory copyright infringement and awarded the plaintiffs $46,766,200 in statutory damages. Grande moved for judgment as a matter of law (JMOL) on the issue of liability and for a new trial on damages, but the district court denied these motions. Grande then appealed, challenging the district court's rulings on its JMOL motion, the jury instructions, and the final judgment. The plaintiffs filed a conditional cross-appeal regarding a jury instruction.The United States Court of Appeals for the Fifth Circuit reviewed the case and upheld the jury's verdict, finding that the plaintiffs had provided sufficient evidence to support the jury's finding of contributory copyright infringement. The court concluded that Grande had knowledge of its subscribers' infringing activities and materially contributed to the infringement by continuing to provide internet services without taking basic measures to prevent further damage. However, the court found that the district court erred in awarding statutory damages for each individual song rather than for each album, as the Copyright Act treats all parts of a compilation as one work for statutory damages purposes. Consequently, the court vacated the damages award and remanded the case for a new trial on damages. The plaintiffs' conditional cross-appeal was dismissed as moot. View "UMG Recordings v. Grande Communications Networks, LLC" on Justia Law
United States v. Chatrie
The case involves Okello Chatrie, who was convicted for robbing a credit union in Virginia. The police, unable to identify the suspect from security footage and witness interviews, obtained a geofence warrant to access Google's Location History data. This data revealed that Chatrie's phone was in the vicinity of the bank during the robbery. Chatrie was subsequently indicted and pleaded not guilty, moving to suppress the evidence obtained via the geofence warrant.The district court denied Chatrie's motion to suppress, citing the good-faith exception to the exclusionary rule. Chatrie entered a conditional guilty plea and was sentenced to 141 months' imprisonment and 3 years' supervised release. He appealed, arguing that the geofence warrant violated his Fourth Amendment rights and that the fruits of the warrant should be suppressed.The United States Court of Appeals for the Fourth Circuit affirmed the district court's decision. The court held that Chatrie did not have a reasonable expectation of privacy in the two hours’ worth of Location History data voluntarily exposed to Google. Therefore, the government did not conduct a Fourth Amendment search when it obtained this information from Google. The court rejected Chatrie's argument that the geofence warrant violated his Fourth Amendment rights, stating that he voluntarily exposed his location information to Google by opting into Location History. The court also noted that the information obtained was far less revealing than that obtained in previous cases involving long-term surveillance. View "United States v. Chatrie" on Justia Law
United States v. Haggerty
The case involves Robert Haggerty, a first-time offender who was indicted on three counts of receiving a visual depiction of a minor engaging in sexually explicit conduct, as well as one count of possessing such depictions. Haggerty admitted to communicating with undercover detectives posing as underage girls using online messaging platforms. A search of Haggerty's house and truck yielded two tablets containing a total of 97 still images and 9 videos of child sexual abuse material.The District Court applied multiple Guideline enhancements at sentencing, including a five-level enhancement under U.S.S.G. § 2G2.2(b)(7), which provides for a graduated enhancement scheme based on the number of "images" involved in a child-exploitation offense. Haggerty objected to the application of a five-level, number-of-images enhancement, arguing that the Guideline is unambiguous and does not include videos. The District Court overruled Haggerty’s objection and applied the five-level enhancement, calculating a total offense level of 32, which yielded an advisory Guideline range of 121 to 151 months in prison.The United States Court of Appeals for the Third Circuit held that "image," in the moving picture or video context, unambiguously means "frame." Deference to the Commentary’s 75-images rule is therefore unwarranted. Instead, the number of frames comprising a moving picture or video will determine the specific sentencing enhancement that a District Judge must apply. The court vacated the District Court’s sentencing order and remanded for resentencing in a manner consistent with its holding. View "United States v. Haggerty" on Justia Law
Conlan Abu v. Dickson
The case revolves around a dispute between Stanley Dickson, owner of several businesses, and Conlan Abu, a company that purchased the assets of one of Dickson's businesses, the Epicurean Group. After the sale, the relationship between the parties soured and they attempted to unwind the deal. During this period, Dickson's IT administrator, John Massey, preserved some emails from the accounts associated with the Epicurean Group for potential litigation. Conlan Abu filed a lawsuit alleging that Dickson and his accounting firm violated the Computer Fraud and Abuse Act and the Stored Communications Act by accessing these emails.The district court had previously ruled in favor of Dickson and his associates. It found that Massey, as the IT administrator, did not intentionally act without authorization or exceed his authorization when he accessed the email accounts using his own credentials. The court also found that Massey did not intentionally exceed his authorization under the Act, as he had no reason to know that his conduct was unauthorized.The United States Court of Appeals for the Sixth Circuit affirmed the district court's decision. The court held that Massey did not intentionally access the emails without authorization or exceed his authorization under the Computer Fraud and Abuse Act. The court also found that Massey did not intentionally exceed his authorization under the Stored Communications Act. The court concluded that Conlan Abu failed to show that Massey acted without authorization or intentionally exceeded his authorization, and therefore could not recover under either Act. View "Conlan Abu v. Dickson" on Justia Law
Moody v. NetChoice, LLC
In 2021, Florida and Texas enacted statutes regulating large social-media companies and other internet platforms. The laws curtailed the platforms' ability to engage in content moderation and required them to provide reasons to a user if they removed or altered her posts. NetChoice LLC, a trade association whose members include Facebook and YouTube, brought First Amendment challenges against the two laws. District courts in both states entered preliminary injunctions.The Eleventh Circuit upheld the injunction of Florida’s law, holding that the state's restrictions on content moderation trigger First Amendment scrutiny. The court concluded that the content-moderation provisions are unlikely to survive heightened scrutiny. The Fifth Circuit, however, disagreed and reversed the preliminary injunction of the Texas law. The court held that the platforms’ content-moderation activities are “not speech” at all, and so do not implicate the First Amendment.The Supreme Court of the United States vacated the judgments and remanded the cases, stating that neither the Eleventh Circuit nor the Fifth Circuit conducted a proper analysis of the facial First Amendment challenges to Florida and Texas laws regulating large internet platforms. The Court held that the laws interfere with protected speech, as they prevent the platforms from compiling the third-party speech they want in the way they want, thus producing their own distinctive compilations of expression. The Court also held that Texas's asserted interest in correcting the mix of viewpoints that major platforms present is not valid under the First Amendment. View "Moody v. NetChoice, LLC" on Justia Law
XMission, LC v. PureHealth Research
The case involves XMission, a Utah-based internet service provider, and PureHealth Research, a Wyoming LLC that sells nutritional supplements online. XMission sued PureHealth in federal district court in Utah, alleging that PureHealth sent thousands of unwanted promotional emails to XMission’s customers in Utah, violating state and federal law. This resulted in increased server maintenance costs and customer complaints for XMission. PureHealth moved to dismiss the case for lack of specific personal jurisdiction, arguing it lacked sufficient contacts with Utah and the lawsuit did not “arise out of or relate to” its forum conduct. The district court granted the motion.The United States Court of Appeals for the Tenth Circuit reversed the district court's decision. The court found that PureHealth knowingly sent marketing emails to XMission’s customers in Utah, which constituted purposeful direction of its activities at residents of the forum state. The court also found that XMission’s claims arose out of or related to those activities. Therefore, the court concluded that Utah had specific personal jurisdiction over PureHealth. The case was remanded for further proceedings. View "XMission, LC v. PureHealth Research" on Justia Law
Dhyne v. People
This case revolves around the question of whether a search for internet-related evidence that extended to a previously unknown basement apartment was reasonable, even though the apartment was not specified in the warrant. The police had obtained a warrant to search a property after receiving information that child pornography had been downloaded to a particular IP address associated with that address. The property appeared to be a single-family home. However, during the execution of the warrant, the police encountered Kevin Matthew Dhyne, who lived in a basement apartment on the property and used the same internet access as the rest of the house. The police searched Dhyne’s apartment and found sexually explicit material involving children on his laptop.The trial court agreed with Dhyne's argument that the search violated the U.S. and Colorado constitutions because the warrant was not specific to his basement apartment. However, the court denied Dhyne’s motion to suppress the evidence, reasoning that even if the officers had not searched his apartment in conjunction with the original warrant, they would have executed the same search later that day under a warrant specific to the basement apartment, and the evidence would therefore have inevitably been discovered. Dhyne was convicted of two counts of sexual exploitation of a child.The Colorado Court of Appeals affirmed the trial court’s denial of the suppression motion, though it did so by upholding the search rather than by applying the inevitable discovery exception. The court of appeals agreed that for a multi-dwelling unit, separate dwellings normally require separate, specific warrants. However, the court justified the search of Dhyne’s apartment based on the shared use of the IP address.The Supreme Court of the State of Colorado affirmed the outcome, holding that the warrant's reference to the property's "[h]ouse, garage, and any outbuildings" was sufficiently specific because there were no outward indicators that the basement apartment existed. The court also held that the execution of the warrant was reasonable in this specific scenario, where the warrant was for all buildings on the property and the defendant told the police that he lived in the basement and used the IP address that provided grounds for the search. View "Dhyne v. People" on Justia Law
ZELLMER V. META PLATFORMS, INC.
The case involves Clayton Zellmer, who sued Meta Platforms, Inc. (formerly Facebook) for alleged violations of the Illinois Biometric Information Privacy Act (BIPA). Zellmer, who never used Facebook, claimed that the company violated BIPA when it created a "face signature" from photos of him uploaded by his friends and failed to publish a written policy outlining its retention schedule for collected biometric data.The district court granted summary judgment in favor of Meta on Zellmer's claim under Section 15(b) of BIPA. The court reasoned that it would be practically impossible for Meta to comply with BIPA if it had to obtain consent from everyone whose photo was uploaded to Facebook before it could use its Tag Suggestions feature. The court also dismissed Zellmer's claim under Section 15(a) of BIPA for lack of standing, holding that Zellmer did not suffer a particularized injury.The United States Court of Appeals for the Ninth Circuit affirmed the district court's decisions but on different grounds. The appellate court rejected the district court's reasoning for granting summary judgment, stating that BIPA's plain text applies to everyone whose biometric identifiers or information is held by Facebook. However, the court concluded that there was no material dispute of fact as to whether Meta violated BIPA's plain terms. The court found that face signatures, which are created from uploaded photos, cannot identify and therefore are not biometric identifiers or information as defined by BIPA. The court also affirmed the dismissal of Zellmer's claim under Section 15(a) of BIPA for lack of standing, agreeing with the district court that Zellmer did not suffer a particularized injury. View "ZELLMER V. META PLATFORMS, INC." on Justia Law