Justia Internet Law Opinion SummariesArticles Posted in US Supreme Court
Van Buren v. United States
Former Georgia police sergeant Van Buren used his credentials on a patrol-car computer to access a law enforcement database to retrieve license plate information in exchange for money. His conduct violated a department policy against obtaining database information for non-law-enforcement purposes. The Eleventh Circuit upheld Van Buren's conviction for a felony violation of the Computer Fraud and Abuse Act of 1986 (CFAA), which covers anyone who “intentionally accesses a computer without authorization or exceeds authorized access,” 18 U.S.C. 1030(a)(2), defined to mean “to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.”The Supreme Court reversed. An individual “exceeds authorized access” when he accesses a computer with authorization but then obtains information located in particular areas of the computer (files, folders, databases) that are off-limits to him. Van Buren “access[ed] a computer with authorization” and “obtain[ed] . . . information in the computer.” The phrase “is not entitled so to obtain” refers to information one is not allowed to obtain by using a computer that he is authorized to access.“Without authorization” protects computers themselves from outside hackers; the “exceeds authorized access” clause protects certain information within computers from "inside hackers." One either can or cannot access a computer system, and one either can or cannot access certain areas within the system. The Act’s precursor to the “exceeds authorized access” language covered any person who, “having accessed a computer with authorization, uses the opportunity such access provides for purposes to which such authorization does not extend.” Congress removed any reference to “purpose” in the CFAA. On the government’s reading, an employee who sends a personal e-mail or reads the news using a work computer may have violated the CFAA. View "Van Buren v. United States" on Justia Law
Facebook, Inc. v. Duguid
The Telephone Consumer Protection Act of 1991 (TCPA) restricts communications made with an “automatic telephone dialing system,” defined as equipment with the capacity both “to store or produce telephone numbers to be called, using a random or sequential number generator,” and to dial those numbers, 47 U.S.C. 227(a)(1). Facebook’s social media platform allows users to elect to receive text messages when someone attempts to log in to the user’s account from a new device. Facebook sent such texts to Duguid, alerting him to login activity on a Facebook account linked to his telephone number, but Duguid never created any Facebook account. Duguid tried, unsuccessfully, to stop the unwanted messages. He brought a putative class action, alleging that Facebook violated the TCPA by maintaining a database that stored phone numbers and programming its equipment to send automated text messages. The Ninth Circuit ruled in Duguid’s favor.The Supreme Court reversed: To qualify as an “automatic telephone dialing system” under the TCPA, a device must have the capacity either to store a telephone number using a random or sequential number generator or to produce a telephone number using a random or sequential number generator. The statutory context confirms that the TCPA’s autodialer definition excludes equipment that does not use a random or sequential number generator. Congress found autodialer technology harmful because autodialers can dial emergency lines randomly or tie up all of an entity's sequentially numbered phone lines. Duguid’s interpretation would encompass any equipment that stores and dials telephone numbers. View "Facebook, Inc. v. Duguid" on Justia Law
Patent and Trademark Office v. Booking.com B.V.
A generic name—the name of a class of products or services—is ineligible for federal trademark registration. Booking.com, a travel-reservation website, sought federal registration of marks including the term “Booking.com.” Concluding that “Booking.com” was a generic name for online hotel-reservation services, the U.S. Patent and Trademark Office (PTO) refused registration. The Fourth Circuit affirmed the District Court decision that “Booking.com”—unlike the term “booking” standing alone—is not generic.The Supreme Court affirmed. A term styled “generic.com” is a generic name for a class of goods or services only if the term has that meaning to consumers. Whether a compound term is generic turns on whether that term, taken as a whole, signifies to consumers a class of goods or services. Consumers do not perceive the term “Booking.com” that way. Only one entity can occupy a particular Internet domain name at a time, so a “generic.com” term could convey to consumers an association with a particular website. An unyielding legal rule disregarding consumer perception would be incompatible with a bedrock principle of the Lanham Act. The PTO’s policy concerns do not support a categorical rule against the registration of “generic.com” terms. Several doctrines ensure that registration of “Booking.com” would not yield its holder a monopoly on the term “booking.” View "Patent and Trademark Office v. Booking.com B.V." on Justia Law
United States v. Microsoft Corp.
In 2013, federal agents obtained an 18 U.S.C. 2703 warrant requiring Microsoft to disclose all e-mails and other information associated with a customer's account that was believed to be involved in illegal drug trafficking. Microsoft determined that the account’s e-mail contents were all stored in Microsoft’s Dublin, Ireland datacenter and moved, unsuccessfully, to quash the warrant with respect to that information. The court held Microsoft in civil contempt. The Second Circuit reversed, holding that requiring Microsoft to disclose the electronic communications in question would be an unauthorized extraterritorial application of section 2703. In March 2018, Congress enacted and the President signed the Clarifying Lawful Overseas Use of Data Act (CLOUD Act), Pub. L. 115–141, amending the Stored Communications Act, 18 U.S.C. 2701, to add: “A [service provider] shall comply with the obligations of this chapter to preserve, backup, or disclose the contents of a wire or electronic communication and any record or other information pertaining to a customer or subscriber within such provider’s possession, custody, or control, regardless of whether such communication, record, or other information is located within or outside of the United States.” The Supreme Court vacated, finding the case moot. No live dispute remains between the parties over the issue with respect to which certiorari was granted; a new warrant replaced the original warrant. View "United States v. Microsoft Corp." on Justia Law