Justia Internet Law Opinion Summaries

by
The Ninth Circuit affirmed the district court's order certifying a class of Facebook users who alleged that Facebook's facial-recognition technology violated Illinois's Biometric Information Privacy Act (BIPA). The panel held that plaintiffs have alleged a concrete and particularized harm that was sufficient to confer Article III standing where the statutory provisions at issue were established to protect plaintiffs' concrete interests in privacy, not merely procedural rights. In this case, the development of a face template using facial-recognition technology without consent invades an individual’s private affairs and concrete interests. The panel held that the district court did not abuse its discretion by certifying the class; Illinois's extraterritoriality doctrine did not preclude the district court from finding predominance; and the district court did not abuse its discretion in determining that a class action was superior to individual actions. View "Patel v. Facebook, Inc." on Justia Law

by
News broke in 2012 that Google’s Doubleclick.net cookies were bypassing Safari and Internet Explorer privacy settings and tracking internet-user information. Google settled FTC and state attorneys general lawsuits, agreeing to cease the practice and to pay $39.5 million in fines, without admitting wrongdoing. Plaintiffs' claims were consolidated into a putative class action, alleging violations of federal privacy and fraud statutes, California unfair competition and privacy statutes, the California constitution’s right to privacy, and California’s privacy tort law. The Third Circuit affirmed the dismissal of all but the California constitutional and tort claims. The parties agreed to a settlement. The district court approved certification of an FRCP 23(b)(2) class and the settlement under FRCP 23(e). Under the settlement a cy pres award would be paid to organizations the defendant approved, primarily data privacy organizations that agree to use the funds to research and promote browser privacy. It also included class counsel’s fees and costs, and incentive awards for named class representatives. One objector argued that the cy pres money belongs to the class as compensation and challenged the choice of cy pres recipients because of their pre-existing relationships with Google and class counsel. The Third Circuit vacated, stating that the “cursory certification and fairness analysis were insufficient for us to review its order certifying the class and approving the settlement. The settlement agreement’s broad release of claims for money damages and its designation of cy pres recipients are particularly concerning.” View "In Re: Google Inc. Cookie Placement Consumer Privacy Litigation" on Justia Law

by
VirnetX appealed the Patent Trial and Appeal Board's decision related to three inter partes reexaminations maintained by Apple and Cisco. In this case, the PTO concluded that Apple was not barred from maintaining its reexams by the estoppel provision of the pre-America Invents Act (AIA) version of 35 U.S.C. 317(b), and the Board affirmed the examiner's determination that the claims of U.S. Patent Nos. 7,418,504 and 7,921,211 are unpatentable as anticipated or obvious over the prior art of record. The '504 and '211 patents describe systems and methods for establishing a secure communication link between a first computer and a second computer over a computer network, such as the Internet. The Federal Circuit held that there has been a final decision entered against Apple that it has not sustained its burden of proving invalidity, and thus section 317(b) estoppel applied to the Apple reexams. Therefore, the court vacated the Board's decisions in the Apple reexams with respect to claims 1–35 of the '504 patent and claims 36–59 of the '211 patent and remanded with instructions to terminate. The court affirmed the Board's decision on all remaining claims of both patents in the Apple reexam not subject to section 317(b) estoppel and fully affirmed the Board's decision regarding the claims of the '211 patent in the Cisco reexam. View "VirnetX Inc. v. Apple Inc." on Justia Law

by
Plaintiffs, U.S. citizens of Hamas terrorist attacks in Israel, appealed the district court's dismissal of their federal civil antiterrorism and Israeli law claims against Facebook, alleging that Facebook unlawfully assisted Hamas in the attacks. Plaintiff argued that Hamas used Facebook to post content that encouraged terrorist attacks in Israel during the time period of the attacks. The DC Circuit affirmed the district court's judgment as to the federal claims, holding that 42 U.S.C. 230(c)(1) bars civil liability claims that treat a provider or user of an interactive computer service as a publisher or speaker of any information provided by another information content provider. In this case, plaintiffs' claims fell within Facebook's status as the publisher of information within the meaning of the statute, and Facebook did not develop the content of the postings at issue. Therefore, section 230(c)(1) applied to Facebook's alleged conduct in this case. The court also held that applying section 230(c)(1) to plaintiffs' claims would not impair the enforcement of a federal criminal statute; the Anti-Terrorism Act's civil remedies provision, 18 U.S.C. 2333, did not implicitly narrow or repeal section 230(c)(1); and applying section 230(c)(1) to plaintiffs' claims would not be impermissibly extraterritorial. Finally, in regard to the foreign law claims, the court declined to exercise supplemental jurisdiction sua sponte to cure jurisdictional defects and therefore dismissed these claims. View "Force v. Facebook, Inc." on Justia Law

by
Novak created a “farcical Facebook account” that looked like the Parma Police Department’s official page. The page was up for 12 hours and published posts including a recruitment advertisement that “strongly encourag[ed] minorities to not apply.” and an advertisement for a “Pedophile Reform" event. Some of its about 100 followers thought it was funny. Others were angry or confused and called the police station. The Department posted a warning on its official Facebook page. Novak reposted that warning on his page, to “deepen his satire.” Novak deleted “pedantic comments” on his page explaining that the page was fake, The Department contacted Facebook requesting that the page be shut down and informed local news outlets. Novak deleted his creation. Based on a search warrant and subpoena, Facebook disclosed that Novak was behind the fake. The police obtained warrants to search Novak’s apartment and to arrest him, stating that Novak unlawfully impaired the department’s functions. Novak responded that, other than 12 minutes of phone calls, the police department suffered no disruption. Novak was acquitted, then sued, alleging violations of his constitutional and statutory rights. The district court dismissed in part, with 26 claims remaining. The Sixth Circuit granted the officers qualified immunity on claims related to anonymous speech, censorship in a public forum, and the right to receive speech were dismissed. View "Novak v. City of Parma" on Justia Law

by
Carello is blind. To access online visual content, he uses a “screen reader,” which reads text aloud to him from websites that are designed to support its software. Carello claims that the Credit Union website fails to offer such support. The Illinois Credit Union Act requires that credit union membership be open only to groups of people who share a “common bond,” including “[p]ersons belonging to a specific association, group or organization,” “[p]ersons who reside in a reasonably compact and well-defined neighborhood or community,” and “[p]ersons who have a common employer.” The Credit Union limits its membership to specified local government employees. Membership is required before an individual may use any Credit Union services. Carello is not eligible for, nor has he expressed any interest in, Credit Union membership. He is a tester: he visits websites solely to test Americans with Disabilities Act (ADA) compliance, which prohibits places of public accommodation from discriminating “on the basis of disability in the full and equal enjoyment of [their] goods, services, facilities, privileges, advantages, or accommodations,” and requires them to make “reasonable modifications” to achieve that standard, 42 U.S.C. 12812(a), (b). The Seventh Circuit affirmed the dismissal of Carello’s claim. Carello lacked standing to sue because he failed to allege an injury in fact. View "Carello v. Aurora Policeman Credit Union" on Justia Law

by
Oberdorf walked her dog with a retractable leash. Unexpectedly, the dog lunged. The D-ring on the collar broke and the leash recoiled and hit Oberdorf’s face and eyeglasses, leaving Oberdorf permanently blind in her left eye. Oberdorf bought the collar on Amazon.com. She sued Amazon.com, including claims for strict products liability and negligence. The district court found that, under Pennsylvania law, Amazon was not liable for Oberdorf’s injuries. A third-party vendor, not Amazon itself, had listed the collar on Amazon’s online marketplace and shipped the collar directly to Oberdorf. The court found that Amazon was not a “seller” under Pennsylvania law and that Oberdorf’s claims were barred by the Communications Decency Act (CDA) because she sought to hold Amazon liable for its role as the online publisher of third-party content. The Third Circuit vacated and remanded. Amazon is a “seller” under section 402A of the Second Restatement of Torts and thus subject to the Pennsylvania strict products liability law. Amazon’s involvement in transactions extends beyond a mere editorial function; it plays a large role in the actual sales process. Oberdorf’s claims against Amazon are not barred by section 230 of the CDA except as they rely upon a “failure to warn” theory of liability. The court affirmed the dismissal under the CDA of the failure to warn claims. View "Oberdorf v. Amazon.com Inc" on Justia Law

by
Pneuma sued a former employee, a competitor that employee went to work for, and a Pneuma investor, alleging several business torts including claims under the Comprehensive Computer Data Access and Fraud Act (Pen. Code section 502); for conversion; and for trespass to chattel relating to an internet domain. The investor filed a cross-complaint against Pneuma and its owner alleging they breached their investor agreement. The trial court ruled against Pneuma except on a single cause of action for trespass to chattel and ruled in favor of the investor on his cross-complaint. The court of appeal affirmed. A determination that a party engaged in trespass to chattel in a business context does not, without more, establish that the party engaged in an unlawful business practice under California’s Unfair Competition Law. (Bus. & Prof. Code section 17200). View "Pneuma International, Inc. v. Cho" on Justia Law

by
These consolidated appeals stemmed from the cyberattack of multiple OPM databases that resulted in the data breach of sensitive personal information from more than 21 million people. Plaintiffs alleged that OPM's cybersecurity practices were inadequate, enabling the hackers to gain access to the agency's database of employee information, in turn exposing plaintiffs to heightened risks of identity theft and other injuries. The district court dismissed the complaints based on lack of Article III standing and failure to state a claim. The DC Circuit held that both sets of plaintiffs have alleged facts sufficient to satisfy Article III standing requirements; the Arnold Plaintiffs have stated a claim for damages under the Privacy Act, and have unlocked OPM's waiver of sovereign immunity, by alleging OPM's knowing refusal to establish appropriate information security safeguards; KeyPoint was not entitled to derivative sovereign immunity because it has not shown that its alleged security faults were directed by the government, and it is alleged to have violated the Privacy Act standards incorporated into its contract with OPM; and, assuming a constitutional right to informational privacy, NTEU Plaintiffs have not alleged any violation of such a right. Accordingly, the court affirmed in part, reversed in part, and remanded for further proceedings. View "In re: U.S. Office of Personnel Management Data Security Breach Litigation" on Justia Law

by
Plaintiffs, 14 locksmith companies, filed suit alleging that Google, Microsoft, and Yahoo! have conspired to "flood the market" of online search results with information about so-called "scam" locksmiths, in order to extract additional advertising revenue. The DC Circuit affirmed the district court's dismissal of the amended complaint as barred by section 230 of the Communications Decency Act, which states that no provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider. The parties agreed as to the first and third prongs of the section 230 test for determining whether the Act mandates dismissal, holding that defendants were a provider or user of an interactive computer service and that the complaint sought to hold defendants liable as the publisher or speaker of that information. As to the contested second prong of the section 230 test, the court held that the information for which plaintiff seeks to hold defendants liable was information provided by another information content provider and thus dismissal was warranted under the Act. In this case, defendants' translation of information that comes from the scam locksmiths' webpages fell within the scope of section 230 immunity. View "Marshall's Locksmith Service v. Google, LLC" on Justia Law