Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
Additional Case: You Be The Judge: United States of America v.
Cyberheat, Inc.1
Facts: Cyberheat, Inc., ran sexually explicit websites for consenting adults. It hired other companies,
called affiliates, to drive potential subscribers to its sites. The affiliates were paid a fee for each
subscriber they generated. The contract that Cyberheat signed with its affiliates explicitly prohibited
them from violating the Can-Spam Act. It also discouraged e-mail promotions. However, Cyberheat did
not investigate its affiliates, nor did it actively monitor their compliance. Cyberheat provided affiliates
with a hyperlink to use in e-mails that would link them directly to the sexually explicit site being
advertised.
The FTC alleged that ten Cyberheat affiliates violated CAN-SPAM by sending 642 unwelcome,
sexually explicit spam e-mails for which they were paid $209,120 in commissions. In some cases the
pornographic e-mails had fake subject lines, when in fact the e-mail contained pornographic images.
Cyberheat received about 400 complaints, which it ignored or handled belatedly. Oftentimes the
affiliate was allowed to continue for more than one year or was never terminated.
The Justice Department filed suit seeking civil penalties of up to $11,000 for each violation and an
injunction to prohibit further violations. Both the FTC and Cyberheat filed motions for summary
judgment.
You be the Judge: Did Cyberheat violate the CAN-SPAM Act?
Holding: Possibly, the case must go to trial. According to the court, the Can-Spam Act was not
enacted in a vacuum. The purpose of the Act is to protect those who do not want to view sexually
explicit material.
Anyone who supplies this pornographic material should be held to a high standard – they must be
responsible for ensuring that it is not sent to innocent and unwilling recipients. Cyberheat could have
foreseen that when it supplied pornographic materials to its affiliates, violations of the Act would
result. It might not be fair to hold Cyberheat responsible for an accidental or mistaken violation,
immediately attended to and corrected. But that is not what happened here – Cyberheat kept paying
any number of violators. It cannot insulate itself from any liability for the actions of the affiliates on its
ultimate behalf and for its financial benefit purely by putting on blinders. It has a duty that it can only
delegate at its own peril.
Question: Did Cyberheat know its affiliates were sending sexually explicit e-mails?
Answer: There was no evidence that Cyberheat actually knew that its affiliates were sending
Question: But, Cyberheat told its affiliates specifically not to violate the Act and discouraged them
from using e-mail. How can Cyberheat, then, be responsible for its affiliates’ violations?
Answer: According to the court, the purpose of the Act is to protect those who do not want to view
sexually explicit material. As a supplier of sexually explicit material, Cyberheat has a duty to
Field Work: Spam
Students who completed this assignment should report their findings now. Chart the answers to these
questions on the board:
What is the average amount of spam students receive in one week?
Who received the most spam in one week?
1 2007 U.S. Dist. LEXIS 15448, United States District Court for the District of Arizona, 2007.
Who received the least?
Did the person who received the least take special measures to cut down on spam?
Have they noticed any decrease in the amount of spam they receive since passage of the
Can-Spam Act in 2003?
Have they noticed any change in the nature of the spam messages they receive?
Internet Service Providers and Web
Hosts: Communications Decency Act
of 1996 (CDA)
Under the CDA, ISPs and web hosts are not liable for information that is provided by someone else.
Only content providers are liable.
Case: Carafano v. Metrosplash.com, Inc.2
Facts: Christianne Carafano is a film actor under the stage name Chase Masterson. Someone posted a
profile of her on the Matchmaker.com Internet dating service. This phony profile stated that Carafano
was "[l]ooking for a one-night stand” and for a "hard and dominant" man with "a strong sexual
appetite," and that she "liked sort of being controlled by a man, in and out of bed.” The profile also
provided her home address and an e-mail address, which, when contacted, produced an automatic
e-mail reply stating, "You think you are the right one? Proof it!!” [sic], and providing Carafano's home
address and telephone number.
Unaware of this posting, Carafano began receiving sexually explicit and harassing phone calls,
faxes, and e-mail messages. Feeling unsafe, Carafano and her son moved out of their Los Angeles
home. When Carafano’s assistant learned of the false posting she contacted Matchmaker.com,
demanding its removal. It took Matchmaker.com two days to remove the phony profile.
Carafano sued Matchmaker for invasion of privacy, misappropriation of the right of publicity,
defamation, and negligence. The district court rejected Matchmaker's argument for immunity under the
CDA on the grounds that the company provided part of the profile content.
Issue: Does the CDA protect Matchmaker from liability?
Excerpts from Judge Thomas’s Decision: Through [the CDA], Congress granted most Internet
services immunity from liability for publishing false or defamatory material so long as the information
was provided by another party. As a result, Internet publishers are treated differently from
corresponding publishers in print, television, and radio. Congress enacted this provision for two basic
policy reasons: to promote the free exchange of information and ideas over the Internet and to
encourage voluntary monitoring for offensive or obscene material.
Interactive computer services have millions of users. It would be impossible for service providers
to screen each of their millions of postings for possible problems. Faced with potential liability for each
message republished by their services, interactive computer service providers might choose to severely
restrict the number and type of messages posted. Congress considered the weight of the speech
interests implicated and chose to immunize service providers to avoid any such restrictive effect. Under
[the CDA], therefore, so long as a third party willingly provides the essential published content, the
interactive service provider receives full immunity regardless of the specific editing or selection
process.
The fact that some of the content [in Carafano’s fake profile] was formulated in response to
Matchmaker’s questionnaire does not [make Matchmaker liable]. Doubtless, the questionnaire
facilitated the expression of information by individual users. However, the selection of the content was
2 339 F.3d 1119; 2003 U.S. App. LEXIS 16548 United States Court of Appeals for the Ninth Circuit, 2003.
left exclusively to the user. Matchmaker cannot be considered an “information content provider” under
the statute because no profile has any content until a user actively creates it.
Further, even assuming Matchmaker could be considered an information content provider, the
statute would still bar Carafano’s claims unless Matchmaker created or developed the particular
information at issue. In this case, critical information about Carafano’s home address and the e-mail
address that revealed her phone number were transmitted unaltered to profile viewers. Thus
Matchmaker did not play a significant role in creating, developing, or “transforming” the relevant
information.
Thus, despite the serious and utterly deplorable consequences that occurred in this case, we
conclude that Congress intended that service providers such as Matchmaker be afforded immunity from
suit.
.
Question: What role did Matchmaker play in developing the content that was posted as a profile of
Carafano?
Question: Was Matchmaker a content provider?
Question: Is Matchmaker liable?
Question: Why did Congress make ISPs immune from liability for material posted online by others
under the Communications Decency Act?
Answer: To promote the free exchange of information and ideas over the Internet and because it
Question: Can Carafano recover damages from anyone?
Question: A great deal of harm can be done very quickly on the Internet. Did Congress make the
right policy decision when it passed the CDA?
Crime on the Internet
Hacking
Gaining unauthorized access to a computer system is called hacking. Hacking is a crime under the
federal Computer Fraud and Abuse Act of 1986 (CFAA). This statute applies to any computer,
cellphone, iPod or other gadget attached to the Internet.
The CFAA prohibits:
Accessing a computer without authorization and obtaining information from it
Computer espionage
Theft of financial information
Theft of information from the U.S. government
Theft from a computer
Computer fraud
Intentional, reckless, and negligent damage to a computer
Trafficking in computer passwords
Computer extortion
Fraud
Fraud is the deception of another person for the purpose of obtaining money or property from him. It
can be prosecuted under state law or the Computer Fraud and Abuse Act.
Auctions
Internet auctions are the number one source of consumer complaints about online fraud.
Identity Theft
Identity theft is one of the scariest crimes against property. Thieves steal the victim’s social security
number and other personal information such as bank account numbers and mother’s maiden name,
which they use to obtain loans and credit cards. Identity Theft and Assumption Deterrence Act of 1998
prohibits the use of false identification to commit fraud or other crime and it also permits the victim to
seek restitution in court.
Phishing
Phishing is a fast-growing crime that involves sending fraudulent e-mails directing the recipient to
enter personal information on a website that is an illegal imitation of a legitimate site. If students
completed the phishing fieldwork, they should present their results now. How obvious is it that the
message is illegitimate? (Often such messages contain faulty grammar and syntax.) Have any students
fallen prey to a phishing scam?
Multiple Choice Questions
1. Beth sent fraudulent e-mails through both her account at work and her personal account at
home. Although Beth had never read her employer’s handbook, it said the company had the
right to access work e-mails. The police ___________obtain a search warrant before reading
her work e-mails. They___________ obtain a search warrant before reading the e-mails from
her personal account.
(a) need to/need to
(b) need not/need not
(c) need to/need not
(d) need not/need to
2. Because Blaine Blogger reviews movies on his blog, cinemas allow him in for free. Nellie
Newspaper Reporter also gets free admission to movies. Blaine ________ disclose on his blog
that he receives free tickets. Nellie _________ disclose in her articles that she receives free
tickets.
(a) must/must
(b) need not/need not
(c) must/need not
(d) need not/must
3. An employer has the right to monitor workers’ electronic communications if
(a) the employee consents.
(b) the monitoring occurs in the ordinary course of business.
(c) the employer provides the computer system.
(d) All of the above.
(e) None of the above.
4. Spiro Spammer sends millions of e-mails a day asking people to donate to his college tuition
fund. Oddly enough, many people do. Everything in the e-mails is accurate (including his 1.9
GPA). Which of the following statements is true?
(a) Spiro has violated the Can-Spam Act because he has sent unsolicited commercial
e-mails.
(b) Spiro has violated the Can-Spam Act if he has not offered recipients an opportunity to
unsubscribe.
(c) Spiro has violated the Can-Spam Act because he is asking for money.
(d) Spiro has violated the Can-Spam Act unless the recipients have granted permission to
him to send these e-mails.
5. Sushila suspects that her boyfriend is being unfaithful. While he is asleep, she takes his iPod
out from under his pillow and goes through all his playlists. Then she finds what she has been
looking for: Plum’s Playlist. It is full of romantic songs. Sushila sends Plum an e-mail that says,
“You are the most evil person in the universe!” Which law has Sushila violated?
(a) The First Amendment
(b) The CDA
(c) The ECPA
(d) The CFAA
(e) None
Essay Questions
1. ETHICS Chitika, Inc. provided online tracking tools on websites. When consumers clicked the
“opt out” button, indicating that they did not want to be tracked, they were not – for ten days. After
that, the software would resume tracking. Is there a legal problem with Chitika’s system? An
ethical problem? What Life Principles were operating here?
2. You Be the Judge: WRITING PROBLEM Jerome Schneider wrote several books
on how to avoid taxes. These books were sold on Amazon.com. Amazon permits visitors to post
comments about items for sale. Amazon’s policy suggests that these comments should be civil (e.g.,
no profanity or spiteful remarks). The comments about Schneider’s books were not so kind. One
person alleged Schneider was a felon. When Schneider complained, an Amazon representative
agreed that some of the postings violated its guidelines and promised that they would be removed
within one to two business days. Two days later, the posting had not been removed. Schneider filed
suit. Argument for Schneider: Amazon has editorial discretion over the posted comments: It both
establishes guidelines and then monitors the comments to ensure that they comply with the
guidelines. These activities make Amazon an information content provider, not protected by the
Communications Decency Act. Also, Amazon violated its promise to take down the content.
Argument for Amazon: The right to edit material is not the same thing as creating the material in
the first place.
Answer: The court held for Amazon. Editing material does not create liability under the CDA. The
3. Over the course of 10 months, Joseph Melle sent more than 60 million unsolicited e-mail
advertisements to AOL members. What charges could be brought against him? Would you need
more information before deciding?
4. What can you do to protect your privacy online? Draw up a concrete list of steps that you might
reasonably consider. Are there some actions that you would not be willing to take because they are
not worth it to you?
5. Craig Hare offered computers and related equipment for sale on various Internet auction websites.
He accepted payment but not responsibility—he never shipped the goods. Which government
agencies might bring charges against him?
Discussion Questions
1. Marina Stengart used her company laptop to communicate with her lawyer via her personal,
password-protected, web-based e-mail account. The company’s policy stated:
E-mail and voice mail messages, Internet use and communication and computer files are
considered part of the company's business and client records. Such communications are not to
be considered private or personal to any individual employee. Occasional personal use is
permitted; however, the system should not be used to solicit for outside business ventures,
charitable organizations, or for any political or religious purpose, unless authorized by the
Director of Human Resources.
After she filed an employment lawsuit against her employer, the company hired an expert to access
her e-mails that had been automatically stored on the laptop. Are these e-mails protected by the
attorney-client privilege? How does this case compare with Scott v. Beth Israel earlier in the
chapter?
Answer: The court ruled the attorney-client privilege protected these e-mails. Stengart had a
reasonable expectation of privacy because she had taken steps to protect the privacy of those
2. Roommates.com operated a website designed to match people renting out spare rooms with those
looking for a place to live. Before subscribers could search listings or post housing opportunities on
Roommate's website, they had to create profiles, a process that required them to answer a series of
questions that included the subscriber’s sex, sexual orientation and whether he would bring
children to a household. The site also encouraged subscribers to provide "Additional Comments"
describing themselves and their desired roommate in an open-ended essay. Here are some typical
ads:
• “I am not looking for Muslims”
• “Not acceptable: freaks, geeks, prostitutes (male or female), druggies, pet cobras, drama
queens, or mortgage brokers”
• “Must be a black gay male!”
• “We are three Christian females who Love our Lord Jesus Christ. .. . We have weekly bible
studies and bi-weekly times of fellowship”
Many of the ads violated the Fair Housing Act. Is roommates.com liable?
Answer: The Ninth Circuit Court of Appeals ruled that the website was liable because it created
the discriminatory questions and designed its website registration process around them. Therefore,
it was the "information content provider" as to the questions and could claim no immunity for
3. ETHICS Matt Drudge published a report on his website (http://www.drudgereport.com) that
White House aide Sidney Blumenthal “has a spousal abuse past that has been effectively covered
up…. There are court records of Blumenthal’s violence against his wife.” The Drudge Report is an
electronic publication focusing on Hollywood and Washington gossip. AOL paid Drudge $3,000 a
month to make the Drudge Report available to AOL subscribers. Drudge emailed his reports to
AOL, which then posted them. Before posting, however, AOL had the right to edit content. Drudge
ultimately retracted his allegations against Blumenthal, who sued AOL. He alleged that under the
Communications Decency Act of 1996, AOL was a “content provider” because it paid Drudge and
edited what he wrote. Do you agree? Putting liability aside, what moral obligation did AOL have to
its members? To Blumenthal? Should AOL be liable for content it bought and provided to its
members?
Answer: The court was sympathetic to Blumenthal, writing that, if it were starting with a “clean
slate” it would find for him. However, the Court continued, Congress made a different policy
4. Lori Drew created a fake MySpace profile, pretending to be a teenage boy. Through that boy’s
identity, she bullied 13 year old Megan Meier. The girl killed herself shortly after receiving a
message saying, “The world would be a better place without you.” MySpace requires all users to
agree to its terms of service, which require “truthful and accurate” information. Has Drew violated
the CFAA?
5. Tracking tools provide benefits to consumers but they also carry risks. Should Congress regulate
them? If so, what should the law provide?
