We’re excited to announce our new video series with Attorneys Tor Ekeland, Mark Jaffe, and Fred Jennings! We’re new at this and working on our video skills (next up windscreens!), but our lawyers, and their insights, are already top notch! Follow us on YouTube for upcoming videos, including insight, opinion, rants and tips on Computer Crime Law, Cyber Security, CFAA rants, Business Law, Trademark and Copyright Law, Federal and State Trials and Appeals, and more. Click the image above to watch a quick video on why you need an attorney who can speak tech!
Computer Law
The Firm just filed Matthew Herrick’s Reply Brief, alongside Carrie Goldberg PLLC, in Herrick v. Grindr, LLC, et al., No 18-396 (2nd Cir. 2018) in the federal Second Circuit Court of Appeals in New York City.
This brings the appellate briefing to a close. We expect the Court to grant oral arguments in the next few months in this disturbing and important computer law case. During the course of over a year Grindr’s App directed over a thousand unwanted men to Mr. Herrick’s home and work. They were looking for violent sex, some thinking he was HIV positive, some that he had free drugs, and some were angry at him for racist comments his stalker was making on Grindr in his name. The men heading to Matthew’s house got his geolocation sent to them through the Grindr App’s geolocation function. Grindr’s geolocation feature told the men how many feet away they were from Mr. Herrick. His life became a nightmare of unwanted strangers looking for sex. Mr. Herrick asked Grindr roughly 50 times for help in stopping his stalker. Grindr just ignored him. Just like Mr. Herrick’s stalker ignored the restraining order against him. The police were slow to do anything for over a year. The police are ill equipped, understaffed, and untrained in responding to cyber-stalking. After Grindr ignored him, Mr. Herrick sued Grindr because they were the only ones who could easily stop what was happening, and they marketed themselves as a safe space. Grindr claimed immunity under the Communications Decency Act (CDA) § 230. CDA § 230 is a 1996 law passed by Congress intended to protect early internet bulletin board systems like AOL, Prodigy, and CompuServe from traditional publication tort liability (defamation, invasion of privacy, false light, etc.) for publishing third part content. That roughly means they can’t be liable for publishing something on the internet that someone else posted. They’re still liable for their own content, just not that of others who post to their system. The idea was that it was too costly to screen all that third-party content, and if people were liable for it no one would open an internet company. In 2018 this rationale no longer holds true, the business of the internet is data mining, predictive behavioral analysis, and the sale and trade of data. Gone are the quaint days when subscription bulletin board service was the internet’s business model. It’s been crushed by the advertising empires of Facebook and Google. Regardless, Mr. Herrick isn’t trying to hold Grindr liable for the publication of third-party content. He’s asking Grindr be held responsible for its conduct and content.Mr. Herrick is suing Grindr under product liability and negligence theories based on their failure follow industry standard safety and design practices. When Mr. Herrick’s stalker tried to weaponize Grindr’s competitor Scruff against him, Scruff responded and stopped it within a day. Because Scruff had the tools, policies, and procedures in place to do it. Mr Herrick seeks to hold Grindr to the level of responsibility the industry already adheres to. The case has attracted significant attention from Amicus on both sides. A number of domestic violence, victim’s rights, and consumer watchdog and privacy organizations filed briefs on Mr. Herrick’s behalf, including: the Electronic Privacy Information Center (EPIC), Sanctuary for the Family, Cyber Sexual Abuse Task Force, Day One, DV Leap, Her Justice, Legal Momentum, My Sister’s Place, Safe Horizon, Consumer Watch Dog, Break the Cycle, National Association of Women Lawyers, National Network to End Domestic Violence, Legal Aid Society of Orange County, and the Public Law Group. The Computer and Communications Industry Association, EFF, CDT and others filed Amicus Briefs on behalf of Grindr. EPIC has a background page with the briefs here When Mr. Herrick’s stalker tried to weaponize Grindr’s competitor Scruff against him, Scruff responded and stopped it within a day. Because they had the tools, policies, and procedures in place to do it. Matthew seeks to hold Grindr to the level of responsibility the industry already adheres to.Intellectual Property News
You can’t forget that there are a number of factors to consider when you enforce your trademarks. One of them is: How will your enforcement appear to the public?
A few weeks ago, the restaurant chain In-N-Out Burgers made the news for its beef with a San Francisco brewery that created a beer called “In N Stout”. But instead of being grilled as the bad guys launching a shakedown against the little guy, the big company is being praised for its light-hearted approach.
The brewery Seven Stills didn’t just use a play on In-N-Out’s name – the beer can mimicked In-N-Out’s trade dress and logos. There was little doubt that the beer intended to evoke In-N-Out. From In-N-Out’s perspective, the beer could create a false impression that it was associated with the restaurant – what trademark law calls a “likelihood of confusion.”
But In-N-Out’s inevitable demand letter, although firm, reflected the restaurant company’s sense of humor. In-N-Out “felt obligated to hop to action to prevent further issues from brewing” by noting the brewery’s attempt to “distill” its rights. Seven Stills posted the demand letter (borrowing a completely different trademark, ironically) and asked its followers to spot all the booze-related puns.
It was, perhaps, an ideal way for In-N-Out to stop the brewery before the dispute broiled any further. And, recognizing that demand letters are often reposted on the internet, it tried to make its point while remaining in the public’s favor by writing a deliberately cheesy letter.
Over the last few years, similar tongue-in-cheek approaches were tried by Jim Beam, TGIFriday’s, and Netflix enforcing its Stranger Things trademark and copyrights.
Each of these companies had the benefit of leverage. If the smaller companies at the receiving end of these humorous demand letters decided not to comply, the larger companies might have to be more aggressive. And to be sure, aggressive enforcement is often necessary to protect your trademarks and defend your brand. If your trademarks aren’t enforced at all, you can lose your rights. At worst, they can be deemed “abandoned”, but at the very least, they can be deemed weak and mostly unenforceable if there are numerous similar uses and you just let them go. Additionally, if you let others thrive for too long, you might lose your opportunity to sue based on a concept called “laches”, which is legalese for “slept on your rights.”
Conversely, companies with registered trademarks should be concerned about public backlash to ill-considered enforcement. This can happen where the claimed trademark is perceived to be cultural appropriation of a relatively common term. Or, questionable enforcement of a registered trademark can result in an organized backlash from the support of a close-knit community you rely on.
There’s much more to maintaining and enforcing a successful trademark than registering the trademark with the USPTO. Companies need to make careful consideration in creating their trademarks so that enforcement won’t become too costly or impractical, and must also know that any demand letter can be shared with the world in a matter of seconds.
A good trademark strategy means that you are known for the strength of your brand, and not for being a trademark bully.
CFAA News
Microsoft Excel’s newest feature might get you in deep with CFAA violations
Last month, Microsoft announced a new Excel feature to automatically import data from web pages. This extremely useful feature, however, might violate the CFAA in certain situations. The CFAA’s broad language can bring about felony charges or expensive civil lawsuits out of harmless, everyday online activity. In the firm’s cases, we’ve seen port scanning, URL guessing, scraping of publicly accessible data, and VPN use form the bases of civil and criminal CFAA complaints. To address this, many federal circuits have interpreted the CFAA’s terms “access” and “authorization” in ways that attempt to mitigate the risk of innocent behavior being included in the statute’s broad terms. Yet some circuits still adhere to what’s commonly referred to as the “Contract Theory” of authorized access, which can make violation a website’s Terms of Service (ToS) the basis for losing authority to access. In those circuits, if a ToS prohibited automatic scraping, users of Excel’s handy web import tool would risk CFAA liability or even criminal charges. In other words, Microsoft Office has created a feature with which anyone could be violating the CFAA without any idea that they were. And don’t think that just because you’re not doing anything wrong the DOJ, or a company, won’t pursue you under the CFAA. We see it all the time.What We Are Looking Forward To
Tor is featured in an upcoming documentary Trust Machine: The Story Of Blockchain.
Directed by award-winning documentarian Alex Winter and narrated by Rosario Dawson. TRUST MACHINE drills down on #blockchain technology. Why are banks terrified while UNICEF embraces it to feed refugee children? Is blockchain technology poised to be bigger than the Internet or a bubble built on hype? Trust Machine will be playing in select theaters October 26th. Get your tickets here.
29 Rooms
Our Office Assistant, Alara will be headed to one of the country’s most up and coming art experiences, 29 Rooms. Refinery29 is in its second year of bringing culturally-relevant art through interactive rooms offering onsite drawing, crafting, and artist tutorials. Get your tickets here!
