In the Executive
- A website that sold popular girls' toys and school supplies agreed to settle charges brought by the Federal Trade Commission for violating the Children's Online Privacy Protection Act (COPPA). The site obtained personally identifiable information from children under 13 without first obtaining parental consent. The website operator agreed to pay a $30,000 fine.
- The FTC has proposed a two-year extension to the current rule permitting the submission of parental consent for COPPA purposes by email. Under the current rule, email consents would be permitted only through April 2002.
- The Chairman of the FTC, Timothy Muris, announced that the Commission will not advocate new laws to protect consumer privacy online. Chairman Muris said that the FTC instead will devote more resources to pursuing companies that violate their privacy policies, send deceptive spam, and do not adequately protect security of customer data.
- In a case brought by the FTC, a federal district court ordered thousands of websites shut after it determined that they diverted web surfers and subjected them to pop-up ads for pornography and Internet gambling. Many of these websites had domain names that were misspellings of popular sites or celebrities.
In the Congress
- Congress passed, and President Bush signed, the USA-PATRIOT antiterrorism bill, which makes it easier for law enforcement authorities to monitor Internet communications.
- The House Finance Committee approved legislation prohibiting the use of credit cards in Internet gambling. The legislation had been part of the money laundering section of the antiterrorism bill, but the House leadership stripped it out because it was too controversial. The Finance Committee now hopes the provision will proceed as a stand-alone bill. The House Judiciary Committee will consider it next. The legislation excludes from its coverage Internet service providers who are not acting in concert with Internet gambling businesses.
- The moratorium on discriminatory state and local Internet taxes expired on October 21. The House passed a two-year extension before the moratorium expired, but the Senate did not pass the extension until mid-November. It does not appear that any jurisdiction imposed new taxes on Internet access or transactions during the three-week window.
- The Government Accounting Office issued a report finding few instances where state governments were accused of infringing intellectual property rights. Senator Hatch had requested the report in response to Supreme Court decisions that found unconstitutional the application of federal intellectual property law against state governments.
- The Copyright Office has requested comments on the distribution of royalties resulting from the satellite compulsory license required by Section 119 of the Copyright Act.
In the Courts
- The U.S. Supreme Court has refused to hear an appeal of the Washington State Supreme Court's decision upholding the constitutionality of Washington's spam law. The law prohibits the sending of unsolicited commercial email with a false return address or misleading information in its subject line. The case will now proceed to trial.
- The U.S. Court of Appeals for the Second Circuit affirmed a procedural decision favoring Aimster in its litigation with the Recording Industry Association of America. The decision means that the venue for the litigation will be Albany rather than Manhattan.
- The U.S. Court of Appeals for the Third Circuit recognized the doctrine of "initial interest confusion" in a cybersquatting case, but then proceeded to conclude that the domain name had not been registered in bad faith.
- A federal district court rejected the parody defense in a cybersquatting case involving the registration of names containing the Barbie trademark. The court found that the defendant had not created a parody site, and the names were linked to the defendant's commercial websites.
- A federal district court found that the Communications Decency Act protected a commercial copy shop that provided computers with Internet access against liability for defamatory statements made by users of those computers.
- A federal district court in Maryland ruled that a website that posted commercial real estate listings was a service provider that could receive protection under the Digital Millennium Copyright Act's safe harbors. However, disputed facts remained concerning the website's handling of repeat offenders, so its motion for summary judgement was denied.
- A federal district court in California ruled that an online retailer that receives customer information during a transaction is a party to the communication and thus is not a provider of an electronic communication service under the Electronic Communications Privacy Act. Accordingly, the retailer does not violate ECPA when it transmits the customer information to a third party that verifies the customer's identity.
- A federal district court in Virginia ruled that a Virginia state law prohibiting the use of the Internet to sell, rent, or lend sexually explicit material to juveniles is unconstitutional. Similar laws in New York, New Mexico, and Michigan have also been found unconstitutional. The U.S. Supreme Court will consider the constitutionality of the federal Child Online Protection Act later this term.
- A federal district court in Washington State ruled that each act by which a website's server communicates with a cookie on a user's computer is a separate access that cannot be aggregated for purposes of meeting the $5,000 loss threshold under the Computer Fraud and Abuse Act.
- The plaintiffs in the litigation over whether the allocation of the new ".biz" domain names is an unlawful lottery failed to post the $1.6 million bond the court had required as a condition for the preliminary injunction. Accordingly, the injunction was lifted, and NeuLevel can allocate disputed ".biz" names.
- A federal district court has issued a preliminary injunction ordering America Online to stop distributing release 6.0 of its software because it likely contains computer code that infringes the copyrights of PlayMedia Systems.
- The major television networks have filed copyright infringement actions against SONICblue, which develops and distributes a digital video recorder. The SONICblue device, ReplayTV 4000, allows users to skip over advertisements when they replay the TV programs they have recorded, and to send the recordings over the Internet.
- The motion picture and recording industries filed copyright infringement actions against several digital file-sharing networks, including Grokster, MusicCity, and Consumer Empowerment.
In the European Union
- The Electronic Commerce Directive is supposed to be implemented by January 2002, but thus far, only Luxembourg has completed the implementation process. Germany, France, Finland, and Denmark have official draft legislation pending, while informal implementation proposals exist in Sweden, Ireland, and Belgium. The UK has only released a consultation paper. In addition, EEA Member Norway has released draft implementing legislation. Since March 2000, the Spanish government has drafted four bills on electronic commerce that seek to implement the Electronic Commerce Directive. The fifth and final bill is the one submitted by the Spanish government on July 25 to the European Commission in compliance with the Transparency Directive.
- The E-commerce Directive was partially implemented in France through the Law on Security, on which the Parliament voted on October 31. The remainder of the implementation is meant to occur through the Law on Information Society (LSI), which was put forward by the French government on June 13, 2001 and still awaits a vote in the Parliament. Due to the recent terrorist attacks, the Government decided to implement various emergency anti-terrorism measures, including some on the use of the Internet. Because of their urgent nature, most of the measures will be sunset after three years. On October 18, the Senate voted on thirteen amendments to the Law on Security, some of them having direct impact on civil liberties. These provisions criminalize certain acts, and aim to facilitate investigation of criminal offences. Three of the proposed amendments directly concern Internet issues, in particular storage of connection data, encryption, and police powers to investigate encryption issues.
- The European Court of Justice on October 4 issued a decision in Case C-450/00, Commission v. Grand Duchy of Luxembourg, dealing with Luxembourg's failure to implement the Data Protection Directive. Although Luxembourg stated that the Directive is soon to be implemented, the Court declared that Luxembourg has failed to fulfill its obligations and ordered it to pay the costs of the procedure.
- The Commission has begun a review of companies' compliance with the data protection safe harbor principles, in preparation for a report that the Commission is supposed to submit to the European Parliament by the end of the year.
- The French Supreme Court ruled that employers do not have the right to read their employees' e-mail. This decision is particularly significant, since it is the first time the Supreme Court has ruled on the use of e-mail in the workplace. In this decision (Nikon France v. Onos), the Supreme Court totally prohibited the practice of monitoring e-mails, even with the employees' knowledge; previously, the lower courts had allowed employers to engage in monitoring when they had informed employees in advance.
- The European Commission held a hearing on the draft of the Hague Convention on international jurisdiction and foreign judgments in civil and commercial matters. The meeting was presided over by Mr. Mario-Paolo Tenreiro, Head of Unit in Directorate A, Judicial Cooperation in Civil Matters in the Justice and Home Affairs DG.
- The European Consumers' Organization (BEUC) and the Union of Industrial and Employers' Confederation of Europe (UNICE) signed an agreement on a European-wide accreditation system for trustmarks in e-commerce. The plan, agreed to after several months of negotiations, integrates a series of criteria and a detailed approval and monitoring system based on assessment by an independent third party. The agreement was presented to the European Commission as a contribution to the eConfidence initiative launched in May 2000 by David Byrne, the European Commissioner for Consumer Protection.
In Latin America
- An Argentine court has dismissed a lawsuit filed against Argentina-based auction site Deremate (www.deremate.com) by a public auctioneer. The auctioneer claimed that Deremate's activities violated an Argentine law that an auction can be conducted only by public auctioneers authorized by the government. This ruling is significant because it is the first Latin American decision favoring e-commerce.
- A criminal court applied the gambling laws of the City of Buenos Aires to a web site promoting and offering gambling games without legal authorization. The judge imposed a fine and ordered the web site to include a link to an explanation of the new law. An important issue was the jurisdiction of the court. The court concluded that it had jurisdiction because the web site was targeting the citizens of Buenos Aires.
- According to a decision recently rendered by the Brazilian Federal District Court, a company's unauthorized access to its employees' e-mail is a privacy violation. The decision refers to a labor claim filed by an employee of a large company who was dismissed due to incorrect use of the company's e-mail (including distribution of pornographic images). The court stated that the company did not have the right to access the employee's e-mail and the evidence obtained by such access could not be used to determine just cause for dismissal. The company was ordered to pay labor indemnification to the employee.
In China
- The Ministry of Information Industry (MII) issued a circular recently that provides additional guidance on the application of Article 18 of the Tentative Regulations of the People's Republic of China Regarding the Administration of Internet Domain Name Registration. The circular prohibits an applicant from filing a follow-on registration application for an Internet domain name if the applicant had previously applied for that same Internet domain name, but then failed to file the required official application within the stipulated 30 days. The purpose of this circular is to prevent Internet domain names from being placed on "reserved" status by means of continually pre-registering the name, but never actually filing the application forms or paying the registration fee. The circular also requires that all existing applications be reviewed and then handled accordingly.
- The Standing Committee of the National People's Congress amended the Copyright Law on October 27, 2001. The revised law provides, among other things, that a copyright owner has the right to transmit its work over computer information networks and the right to collection of works. Copyright owners may therefore license the right of transmission on the Internet for economic benefits. They will also be able to seek copyright protection for their databases. In addition, the revised law provides new administrative and judicial powers including the power to grant preliminary injunctive relief and the power to award statutory damages. These powers will facilitate enforcement against copyright infringement on the Internet.
- The Standing Committee of the National People's Congress amended the Trademark Law on October 27, 2001. The amended Trademark Law contains additional provisions on protection of well-known trademarks in line with the Paris Convention for the Protection of Industrial Property. The new law grants the court the power to issue preliminary stop orders. It also provides access to judicial review in case of trademark disputes, and the court will be the final adjudicator of trademark disputes.
This memorandum is a general discussion of the legal problems of website operators and is not a substitute for professional advice on specific questions.
November 20, 2001