Justia Internet Law Opinion Summaries
Enigma Software Group USA, LLC v. Malwarebytes, Inc.
The Ninth Circuit filed an order withdrawing its prior opinion and replacing the opinion with an amended opinion, denying a petition for panel rehearing, and denying on behalf of the court a petition for rehearing en banc. The panel also filed an amended opinion reserving the district court's dismissal, as barred by section 230 of the Communications Decency Act (DCA), of claims under New York law and the Lanham Act's false advertising provision. Enigma filed suit alleging that Malwarebytes Inc. has configured its software to block users from accessing Enigma's software in order to divert Enigma's customers. The panel distinguished Zango Inc. v. Kaspersky Lab, Inc., 568 F.3d 1169, 1173 (9th Cir. 2009), from this case and held that the parties here were competitors. The panel heeded the warning in Zango against an overly expansive interpretation of section 230 that could lead to anticompetitive results. The panel held that the phrase "otherwise objectionable" does not include software that the provider finds objectionable for anticompetitive reasons. In regard to the state-law claims, the panel held that Enigma's allegations of anticompetitive animus were sufficient to withstand dismissal. In regard to the federal claim, the panel held that section 230's exception for intellectual property claims did not apply because Enigma's false advertising claim did not relate to trademarks or any other type of intellectual property. The panel remanded for further proceedings. View "Enigma Software Group USA, LLC v. Malwarebytes, Inc." on Justia Law
United States v. Bateman
The Playpen website, a message board for advertising and distributing child pornography, is within the “dark-web,” protected by the “Tor hidden service network,” rendering the website relatively inaccessible. A foreign law enforcement agency alerted FBI agents of its suspicions that a U.S.-based IP address was used to house Playpen. Agents identified the server and executed a search warrant, which allowed them to create a duplicate server at a government facility in the Eastern District of Virginia. The FBI assumed administrative control of the website, then obtained a search warrant from the Eastern District of Virginia to employ a Network Investigative Technique (NIT) to unmask anonymous users. The NIT warrant led the District Court of the Southern District of Ohio to issue a search warrant that allowed authorities to search Bateman’s residence and computer where they found over 599 illicit images of children. The Sixth Circuit affirmed the denial of motions to suppress the evidence and for a "Franks" hearing, to question Agent Macfarlane, who submitted the affidavit to obtain the NIT warrant. The search of Bateman’s home was valid under the good-faith exception. Agent Macfarlane’s affidavit provided a detailed and sufficiently specific picture of Playpen and of the NIT program; it accurately described the locations to be searched, which necessarily included locations outside of the Eastern District of Virginia, and accurately described the NIT’s operation as triggered only when an activating computer’s signals entered the Eastern District of Virginia. View "United States v. Bateman" on Justia Law
Posted in: Civil Rights, Constitutional Law, Criminal Law, Internet Law, US Court of Appeals for the Sixth Circuit
Collins et al. v. Athens Orthopedic Clinic, P.A.
Plaintiffs alleged in 2016, an anonymous hacker stole the personally identifiable information, including Social Security numbers, addresses, birth dates, and health insurance details, of at least 200,000 current and former patients of Athens Orthopedic Clinic (“the Clinic”) from the Clinic’s computer databases. The hacker demanded a ransom, but the Clinic refused to pay. The hacker offered at least some of the stolen personal data for sale on the so-called “dark web,” and some of the information was made available, at least temporarily, on Pastebin, a data-storage website. The Clinic notified plaintiffs of the breach in August 2016. Each named plaintiff alleges that she has “spent time calling a credit reporting agency and placing a fraud or credit alert on her credit report to try to contain the impact of the data breach and anticipates having to spend more time and money in the future on similar activities.” Plaintiffs sought class certification and asserted claims for negligence, breach of implied contract, and unjust enrichment, seeking damages based on costs related to credit monitoring and identity theft protection, as well as attorneys’ fees. They also sought injunctive relief under the Georgia Uniform Deceptive Trade Practices Act (“UDTPA”), and a declaratory judgment to the effect that the Clinic must take certain actions to ensure the security of class members’ personal data in the future. The Clinic filed a motion to dismiss based on both OCGA 9-11-12 (b) (1) and OCGA 9-11-12 (b)(6), which the trial court granted summarily. The Georgia Supreme Court concluded the injury plaintiffs alleged they suffered was legally cognizable. Because the Court of Appeals held otherwise in affirming dismissal of plaintiffs’ negligence claims, the Supreme Court reversed that holding. Because that error may have affected the Court of Appeals’s other holdings, the Court vacated those other holdings and remanded the case. View "Collins et al. v. Athens Orthopedic Clinic, P.A." on Justia Law
Posted in: Civil Procedure, Consumer Law, Health Law, Internet Law, Personal Injury, Supreme Court of Georgia
Wilson v. Huuuge, Inc.
Dancel v. Groupon, Inc.
Dancel sued, alleging Groupon had used her photograph to promote a restaurant voucher. Groupon had collected the photograph from Dancel’s public Instagram account based on data linking it to the restaurant’s location. She sought damages under the Illinois Right of Publicity Act (IRPA) on behalf of a class of Illinois residents whose Instagram photographs have appeared on a Groupon offer. The parties litigated in state court until Dancel moved to certify a class of “[a]ll persons who maintained an Instagram Account and whose photograph ... was ... acquired and used on a groupon.com webpage for an Illinois business.” The class was not defined by its members’ residency. Groupon filed a notice of removal under the Class Action Fairness Act, 28 U.S.C. 1453. The district court denied remand and denied class certification. The Seventh Circuit affirmed the denial of class certification. IRPA requires more with respect to the plaintiff’s identity than an Instagram username It demands that an attribute, even a name, serve to identify the individual whose identity is being appropriated. This individualized evidentiary burden prevents identity from being a predominating common question under Rule 23(b)(3). View "Dancel v. Groupon, Inc." on Justia Law
United States v. Grisanti
The FBI took over a child-pornography website, “Playpen,” and kept Playpen running to locate people who distributed and viewed child pornography. Playpen allowed visitors to remain anonymous. The FBI obtained a warrant authorizing the use of a “Network Investigative Technique” (NIT). When a user logged into Playpen, the NIT installed malware on the user’s computer and relayed identifying information to the FBI. The warrant application said that the property to be searched was “located in the Eastern District of Virginia” but an addendum stated that the NIT would be “deployed” on a server “located at a government facility in the Eastern District of Virginia” to obtain information from “activating computer[s]” of “any user” who logged into Playpen. Grisanti logged into Playpen from Indiana. The NIT sent identifying information. The FBI obtained Indiana search warrants and found evidence of child pornography on Grisanti’s computer. Before the FBI could complete its investigation, Grisanti destroyed the hard drive and a flash drive. The court denied a motion to suppress, concluding that the agents relied on the warrant in good faith. Convicted of destruction of evidence and child-pornography offenses, Grisanti was sentenced to 120 months' imprisonment. The court noted that Grisanti possessed more than 600 images of child pornography—some involving prepubescent children—and destroyed the evidence. He never sought treatment and blamed others when he was caught. The Seventh Circuit affirmed, noting that it had already held that the good-faith exception applies to the warrant at issue. Grisanti’s sentence was not unreasonable and the district court did not make any procedural error. View "United States v. Grisanti" on Justia Law
Posted in: Constitutional Law, Criminal Law, Internet Law, US Court of Appeals for the Seventh Circuit
Mozilla Corp. v. FCC
The DC Circuit declined to vacate the FCC's 2018 Order in its entirety, which classified broadband internet access services as an information service under Title I of the Communications Act of 1934, as amended by the Telecommunications Act of 1996. Specifically, the 2018 Order classified broadband internet as an "information service," and mobile broadband as a "private mobile service." In the Order, the Commission adopted transparency rules intended to ensure that consumers have adequate data about Internet Service Providers' network practices, and the Commission applied a cost-benefit analysis, concluding that the benefits of a market-based, "light-touch" regime for Internet governance outweighed those of common carrier regulation under Title II. The court held, under the guidance of National Cable & Telecomms. Ass'n v. Brand X Internet Servs., 545 U.S. 967, 980–981 (2005), that the Commission permissibly classified broadband Internet access as an "information service" by virtue of the functionalities afforded by DNS and caching. The court also held that, even though petitioners' reading of a functional equivalence in 47 U.S.C. 332(d)(3) was not foreclosed by the statute, the agency's interpretation of that term, and its application to mobile broadband, were reasonable and merit Chevron deference. Furthermore, the court held that the Commission's rationales in favor of its reading of Section 706 of the Telecommunications Act was reasonable, and agreed that the transparency rule was authorized by 47 U.S.C. 257. Therefore, the court upheld the 2018 Order with two exceptions. The court held that the Commission has not shown legal authority to issue its Preemption Directive, which would have barred states from imposing any rule or requirement that the Commission "repealed or decided to refrain from imposing" in the Order or that is "more stringent" than the Order. Accordingly, the court vacated that portion of the Order. The court also remanded the Order to the agency on three discrete issues regarding public safety, pole attachments, and the Lifeline Program. View "Mozilla Corp. v. FCC" on Justia Law
Posted in: Communications Law, Government & Administrative Law, Internet Law, US Court of Appeals for the District of Columbia Circuit
Engima Software Group USA, LLC v. Malwarebytes, Inc.
Section 230 of the Communications Decency Act (DCA) immunizes software providers from liability for actions taken to help users block certain types of unwanted online material, including material that is of a violent or sexual nature or is "otherwise objectionable." Enigma filed suit alleging violations of New York state law and a violation of the Lanham Act's false advertising provision based on Malwarebytes Inc.'s configuration of its software to block users from accessing Enigma's software in order to divert Enigma's customers. The district court dismissed the action as barred by section 230's broad recognition of immunity. The panel distinguished Zango Inc. v. Kaspersky Lab, Inc., 568 F.3d 1169, 1173 (9th Cir. 2009), from this case and held that the parties here were competitors. The panel heeded the warning in Zango against an overly expansive interpretation of section 230 that could lead to anticompetitive results. Therefore, the panel held that the phrase "otherwise objectionable" does not include software that the provider finds objectionable for anticompetitive reasons. In this case, the panel held that Enigma's allegations of anticompetitive animus were sufficient to withstand dismissal. The panel also held that, although the Lanham Act itself deals with intellectual property, Enigma's false advertising claim did not relate to trademarks or any other type of intellectual property. Therefore, the district court correctly held that the intellectual property exception to immunity does not apply to the false advertising claim. Like the state law claims, the panel held that the district court read Zango too broadly in dismissing the federal claim. View "Engima Software Group USA, LLC v. Malwarebytes, Inc." on Justia Law
hiQ Labs, Inc. v. LinkedIn Corp.
The Ninth Circuit affirmed the district court's grant of a preliminary injunction in favor of hiQ, a data analytics company, prohibiting LinkedIn, a professional networking website, from denying hiQ access to publicly available LinkedIn member profiles. The panel held that the district court did not abuse its discretion in concluding that hiQ currently has no viable way to remain in business other than using LinkedIn public profile data for its Keeper and Skill Mapper services, and that HiQ therefore has demonstrated a likelihood of irreparable harm absent a preliminary injunction. The panel also held that the district court's determination that the balance of hardships tips sharply in hiQ's favor was not illogical, implausible, or without support in the record; hiQ raised serious questions regarding the merits of its tortious interference with contract claim and LinkedIn's legitimate business purpose defense; hiQ also raised a serious question regarding whether state law causes of action were preempted by the Computer Fraud and Abuse Act; and the district court's conclusion that the public interest favors granting the preliminary injunction was appropriate. View "hiQ Labs, Inc. v. LinkedIn Corp." on Justia Law
Thurston v. Midvale Corp.
Plaintiff, who is blind and uses a screen reader, filed suit alleging that defendant violated the Unruh Civil Rights Act by violating the federal American with Disabilities Act of 1990 (ADA). Plaintiff's claims stemmed from her being unable to access defendant's restaurant website with her screen reader. The Court of Appeal held that Title III of the ADA applies to defendant's website; at a minimum, Title III covers a website with a nexus to a physical place of public accommodation; and the undisputed facts show a sufficient nexus between defendant's website and its restaurant. The court also held that plaintiff's and the trial court's references to nongovernmental guidelines did not violate defendant's due process rights; the trial court could and did disregard surplus comments plaintiff made about the Web Content Accessibility Guidelines 2.0; and the specification of WCAG 2.0 guidelines in the injunction did not support or show a due process violation. Finally, the court held that whether defendant's alternative means of communication would be effective was not a triable issue of fact; plaintiff had standing to obtain an injunction; and the injunction mandating compliance with WCAG 2.0 was not overbroad or uncertain. View "Thurston v. Midvale Corp." on Justia Law