978-1285427003 Chapter 32 Lecture Note Part 2

Unlock access to all the studying documents.

View Full Document

Additional Case: You Be The Judge: United States of America v.

Cyberheat, Inc.1

Facts: Cyberheat, Inc., ran sexually explicit websites for consenting adults. It hired other companies,

called affiliates, to drive potential subscribers to its sites. The affiliates were paid a fee for each

subscriber they generated. The contract that Cyberheat signed with its affiliates explicitly prohibited

them from violating the Can-Spam Act. It also discouraged e-mail promotions. However, Cyberheat did

not investigate its affiliates, nor did it actively monitor their compliance. Cyberheat provided affiliates

with a hyperlink to use in e-mails that would link them directly to the sexually explicit site being

advertised.

The FTC alleged that ten Cyberheat affiliates violated CAN-SPAM by sending 642 unwelcome,

sexually explicit spam e-mails for which they were paid $209,120 in commissions. In some cases the

pornographic e-mails had fake subject lines, when in fact the e-mail contained pornographic images.

Cyberheat received about 400 complaints, which it ignored or handled belatedly. Oftentimes the

affiliate was allowed to continue for more than one year or was never terminated.

The Justice Department filed suit seeking civil penalties of up to $11,000 for each violation and an

injunction to prohibit further violations. Both the FTC and Cyberheat filed motions for summary

judgment.

You be the Judge: Did Cyberheat violate the CAN-SPAM Act?

Holding: Possibly, the case must go to trial. According to the court, the Can-Spam Act was not

enacted in a vacuum. The purpose of the Act is to protect those who do not want to view sexually

explicit material.

Anyone who supplies this pornographic material should be held to a high standard – they must be

responsible for ensuring that it is not sent to innocent and unwilling recipients. Cyberheat could have

foreseen that when it supplied pornographic materials to its affiliates, violations of the Act would

result. It might not be fair to hold Cyberheat responsible for an accidental or mistaken violation,

immediately attended to and corrected. But that is not what happened here – Cyberheat kept paying

any number of violators. It cannot insulate itself from any liability for the actions of the affiliates on its

ultimate behalf and for its financial benefit purely by putting on blinders. It has a duty that it can only

delegate at its own peril.

Question: Did Cyberheat know its affiliates were sending sexually explicit e-mails?

Answer: There was no evidence that Cyberheat actually knew that its affiliates were sending

Question: But, Cyberheat told its affiliates specifically not to violate the Act and discouraged them

from using e-mail. How can Cyberheat, then, be responsible for its affiliates’ violations?

Answer: According to the court, the purpose of the Act is to protect those who do not want to view

sexually explicit material. As a supplier of sexually explicit material, Cyberheat has a duty to

Field Work: Spam

Students who completed this assignment should report their findings now. Chart the answers to these

questions on the board:

What is the average amount of spam students receive in one week?

Who received the most spam in one week?

1 2007 U.S. Dist. LEXIS 15448, United States District Court for the District of Arizona, 2007.

Who received the least?

Did the person who received the least take special measures to cut down on spam?

Have they noticed any decrease in the amount of spam they receive since passage of the

Can-Spam Act in 2003?

Have they noticed any change in the nature of the spam messages they receive?

Internet Service Providers and Web

Hosts: Communications Decency Act

of 1996 (CDA)

Under the CDA, ISPs and web hosts are not liable for information that is provided by someone else.

Only content providers are liable.

Case: Carafano v. Metrosplash.com, Inc.2

Facts: Christianne Carafano is a film actor under the stage name Chase Masterson. Someone posted a

profile of her on the Matchmaker.com Internet dating service. This phony profile stated that Carafano

was “[l]ooking for a one-night stand” and for a “hard and dominant” man with “a strong sexual

appetite,” and that she “liked sort of being controlled by a man, in and out of bed.” The profile also

provided her home address and an e-mail address, which, when contacted, produced an automatic

e-mail reply stating, “You think you are the right one? Proof it!!” [sic], and providing Carafano’s home

address and telephone number.

Unaware of this posting, Carafano began receiving sexually explicit and harassing phone calls,

faxes, and e-mail messages. Feeling unsafe, Carafano and her son moved out of their Los Angeles

home. When Carafano’s assistant learned of the false posting she contacted Matchmaker.com,

demanding its removal. It took Matchmaker.com two days to remove the phony profile.

Carafano sued Matchmaker for invasion of privacy, misappropriation of the right of publicity,

defamation, and negligence. The district court rejected Matchmaker’s argument for immunity under the

CDA on the grounds that the company provided part of the profile content.

Issue: Does the CDA protect Matchmaker from liability?

Excerpts from Judge Thomas’s Decision: Through [the CDA], Congress granted most Internet

services immunity from liability for publishing false or defamatory material so long as the information

was provided by another party. As a result, Internet publishers are treated differently from

corresponding publishers in print, television, and radio. Congress enacted this provision for two basic

policy reasons: to promote the free exchange of information and ideas over the Internet and to

encourage voluntary monitoring for offensive or obscene material.

Interactive computer services have millions of users. It would be impossible for service providers

to screen each of their millions of postings for possible problems. Faced with potential liability for each

message republished by their services, interactive computer service providers might choose to severely

restrict the number and type of messages posted. Congress considered the weight of the speech

interests implicated and chose to immunize service providers to avoid any such restrictive effect. Under

[the CDA], therefore, so long as a third party willingly provides the essential published content, the

interactive service provider receives full immunity regardless of the specific editing or selection

process.

The fact that some of the content [in Carafano’s fake profile] was formulated in response to

Matchmaker’s questionnaire does not [make Matchmaker liable]. Doubtless, the questionnaire

facilitated the expression of information by individual users. However, the selection of the content was

2 339 F.3d 1119; 2003 U.S. App. LEXIS 16548 United States Court of Appeals for the Ninth Circuit, 2003.

left exclusively to the user. Matchmaker cannot be considered an “information content provider” under

the statute because no profile has any content until a user actively creates it.

Further, even assuming Matchmaker could be considered an information content provider, the

statute would still bar Carafano’s claims unless Matchmaker created or developed the particular

information at issue. In this case, critical information about Carafano’s home address and the e-mail

address that revealed her phone number were transmitted unaltered to profile viewers. Thus

Matchmaker did not play a significant role in creating, developing, or “transforming” the relevant

information.

Thus, despite the serious and utterly deplorable consequences that occurred in this case, we

conclude that Congress intended that service providers such as Matchmaker be afforded immunity from

suit.

Question: What role did Matchmaker play in developing the content that was posted as a profile of

Carafano?

Question: Was Matchmaker a content provider?

Question: Is Matchmaker liable?

Question: Why did Congress make ISPs immune from liability for material posted online by others

under the Communications Decency Act?

Answer: To promote the free exchange of information and ideas over the Internet and because it

Question: Can Carafano recover damages from anyone?

Question: A great deal of harm can be done very quickly on the Internet. Did Congress make the

right policy decision when it passed the CDA?

Crime on the Internet

Hacking

Gaining unauthorized access to a computer system is called hacking. Hacking is a crime under the

federal Computer Fraud and Abuse Act of 1986 (CFAA). This statute applies to any computer,

cellphone, iPod or other gadget attached to the Internet.

The CFAA prohibits:

Accessing a computer without authorization and obtaining information from it

Computer espionage

Theft of financial information

Theft of information from the U.S. government

Theft from a computer

Computer fraud

Intentional, reckless, and negligent damage to a computer

Trafficking in computer passwords

Computer extortion

Fraud

Fraud is the deception of another person for the purpose of obtaining money or property from him. It

can be prosecuted under state law or the Computer Fraud and Abuse Act.

Auctions

Internet auctions are the number one source of consumer complaints about online fraud.

Identity Theft

Identity theft is one of the scariest crimes against property. Thieves steal the victim’s social security

number and other personal information such as bank account numbers and mother’s maiden name,

which they use to obtain loans and credit cards. Identity Theft and Assumption Deterrence Act of 1998

prohibits the use of false identification to commit fraud or other crime and it also permits the victim to

seek restitution in court.

Phishing

Phishing is a fast-growing crime that involves sending fraudulent e-mails directing the recipient to

enter personal information on a website that is an illegal imitation of a legitimate site. If students

completed the phishing fieldwork, they should present their results now. How obvious is it that the

message is illegitimate? (Often such messages contain faulty grammar and syntax.) Have any students

fallen prey to a phishing scam?

Multiple Choice Questions

1. Beth sent fraudulent e-mails through both her account at work and her personal account at

home. Although Beth had never read her employer’s handbook, it said the company had the

right to access work e-mails. The police ___________obtain a search warrant before reading

her work e-mails. They___________ obtain a search warrant before reading the e-mails from

her personal account.

(a) need to/need to

(b) need not/need not

(d) need not/need to

2. Because Blaine Blogger reviews movies on his blog, cinemas allow him in for free. Nellie

Newspaper Reporter also gets free admission to movies. Blaine ________ disclose on his blog

that he receives free tickets. Nellie _________ disclose in her articles that she receives free

tickets.

(a) must/must

(b) need not/need not

(d) need not/must

3. An employer has the right to monitor workers’ electronic communications if

(a) the employee consents.

(b) the monitoring occurs in the ordinary course of business.

(d) All of the above.

(e) None of the above.

4. Spiro Spammer sends millions of e-mails a day asking people to donate to his college tuition

fund. Oddly enough, many people do. Everything in the e-mails is accurate (including his 1.9

GPA). Which of the following statements is true?

(a) Spiro has violated the Can-Spam Act because he has sent unsolicited commercial

e-mails.

(b) Spiro has violated the Can-Spam Act if he has not offered recipients an opportunity to

unsubscribe.

(d) Spiro has violated the Can-Spam Act unless the recipients have granted permission to

him to send these e-mails.

5. Sushila suspects that her boyfriend is being unfaithful. While he is asleep, she takes his iPod

out from under his pillow and goes through all his playlists. Then she finds what she has been

looking for: Plum’s Playlist. It is full of romantic songs. Sushila sends Plum an e-mail that says,

“You are the most evil person in the universe!” Which law has Sushila violated?

(a) The First Amendment

(b) The CDA

(d) The CFAA

(e) None

Essay Questions

1. ETHICS Chitika, Inc. provided online tracking tools on websites. When consumers clicked the

“opt out” button, indicating that they did not want to be tracked, they were not – for ten days. After

that, the software would resume tracking. Is there a legal problem with Chitika’s system? An

ethical problem? What Life Principles were operating here?

2. You Be the Judge: WRITING PROBLEM Jerome Schneider wrote several books

on how to avoid taxes. These books were sold on Amazon.com. Amazon permits visitors to post

comments about items for sale. Amazon’s policy suggests that these comments should be civil (e.g.,

no profanity or spiteful remarks). The comments about Schneider’s books were not so kind. One

person alleged Schneider was a felon. When Schneider complained, an Amazon representative

agreed that some of the postings violated its guidelines and promised that they would be removed

within one to two business days. Two days later, the posting had not been removed. Schneider filed

suit. Argument for Schneider: Amazon has editorial discretion over the posted comments: It both

establishes guidelines and then monitors the comments to ensure that they comply with the

guidelines. These activities make Amazon an information content provider, not protected by the

Communications Decency Act. Also, Amazon violated its promise to take down the content.

Argument for Amazon: The right to edit material is not the same thing as creating the material in

the first place.

Answer: The court held for Amazon. Editing material does not create liability under the CDA. The

3. Over the course of 10 months, Joseph Melle sent more than 60 million unsolicited e-mail

advertisements to AOL members. What charges could be brought against him? Would you need

more information before deciding?

4. What can you do to protect your privacy online? Draw up a concrete list of steps that you might

reasonably consider. Are there some actions that you would not be willing to take because they are

not worth it to you?

5. Craig Hare offered computers and related equipment for sale on various Internet auction websites.

He accepted payment but not responsibility—he never shipped the goods. Which government

agencies might bring charges against him?

Discussion Questions

1. Marina Stengart used her company laptop to communicate with her lawyer via her personal,

password-protected, web-based e-mail account. The company’s policy stated:

E-mail and voice mail messages, Internet use and communication and computer files are

considered part of the company’s business and client records. Such communications are not to

be considered private or personal to any individual employee. Occasional personal use is

permitted; however, the system should not be used to solicit for outside business ventures,

charitable organizations, or for any political or religious purpose, unless authorized by the

Director of Human Resources.

After she filed an employment lawsuit against her employer, the company hired an expert to access

her e-mails that had been automatically stored on the laptop. Are these e-mails protected by the

attorney-client privilege? How does this case compare with Scott v. Beth Israel earlier in the

chapter?

Answer: The court ruled the attorney-client privilege protected these e-mails. Stengart had a

reasonable expectation of privacy because she had taken steps to protect the privacy of those

2. Roommates.com operated a website designed to match people renting out spare rooms with those

looking for a place to live. Before subscribers could search listings or post housing opportunities on

Roommate’s website, they had to create profiles, a process that required them to answer a series of

questions that included the subscriber’s sex, sexual orientation and whether he would bring

children to a household. The site also encouraged subscribers to provide “Additional Comments”

describing themselves and their desired roommate in an open-ended essay. Here are some typical

ads:

• “I am not looking for Muslims”

• “Not acceptable: freaks, geeks, prostitutes (male or female), druggies, pet cobras, drama

queens, or mortgage brokers”

• “Must be a black gay male!”

• “We are three Christian females who Love our Lord Jesus Christ. .. . We have weekly bible

studies and bi-weekly times of fellowship”

Many of the ads violated the Fair Housing Act. Is roommates.com liable?

Answer: The Ninth Circuit Court of Appeals ruled that the website was liable because it created

the discriminatory questions and designed its website registration process around them. Therefore,

it was the “information content provider” as to the questions and could claim no immunity for

3. ETHICS Matt Drudge published a report on his website (http://www.drudgereport.com) that

White House aide Sidney Blumenthal “has a spousal abuse past that has been effectively covered

up…. There are court records of Blumenthal’s violence against his wife.” The Drudge Report is an

electronic publication focusing on Hollywood and Washington gossip. AOL paid Drudge $3,000 a

month to make the Drudge Report available to AOL subscribers. Drudge emailed his reports to

AOL, which then posted them. Before posting, however, AOL had the right to edit content. Drudge

ultimately retracted his allegations against Blumenthal, who sued AOL. He alleged that under the

Communications Decency Act of 1996, AOL was a “content provider” because it paid Drudge and

edited what he wrote. Do you agree? Putting liability aside, what moral obligation did AOL have to

its members? To Blumenthal? Should AOL be liable for content it bought and provided to its

members?

Answer: The court was sympathetic to Blumenthal, writing that, if it were starting with a “clean

slate” it would find for him. However, the Court continued, Congress made a different policy

4. Lori Drew created a fake MySpace profile, pretending to be a teenage boy. Through that boy’s

identity, she bullied 13 year old Megan Meier. The girl killed herself shortly after receiving a

message saying, “The world would be a better place without you.” MySpace requires all users to

agree to its terms of service, which require “truthful and accurate” information. Has Drew violated

the CFAA?

5. Tracking tools provide benefits to consumers but they also carry risks. Should Congress regulate

them? If so, what should the law provide?