I had the pleasure of attending Law Seminars International’s 16th Annual Seattle Conference on New Development in Technology Law last week. The place was chock full of brilliant legal minds and even a handful of techies.

I want to spotlight one presentation in particular today. David Bateman, of K&L Gates  spoke on policing bad behavior on the internet. (He had such a peppy, positive attitude about the law’s ability to "get the bad guys." It was endearing. He reminded me of a superhero—The Cyber Avenger.)

Everyone reading this blog is much more sophisticated about technology than any of the attorneys present at the seminar (myself included), so I’m not going to waste time describing the technology. However, I am going to review some case studies that he presented and how the law is going about dealing with these issues.

You may ask yourself, "This is not my industry. Why do I care about spam and fraud?"

Spamming, Phishing, Vishing, and other types of on-line fraud increase consumer skepticism and lower click-through rates and conversions. Consumer attitudes towards online advertisements may negatively impact the viability of the digital marketing industry. If consumers become increasingly ad blind and refrain from clicking on ads, the growth of the industry may be prematurely stunted.

There is some very interesting discussion following a recent post by Danah Boyd (my hero!) regarding click-through rates and search engine marketing. She was reviewing the results of an AOL study  showing that less than 1% of internet users click on ads on a monthly basis. Of the 1% who do, less than two tenths of one percent click more often than once per month. The AOL study also exposed who is doing most of the clicking. Apparently, the promise of the digital marketing industry is being born by older, housewives from the Mid-West. Huh.

Boyd further hypothesizes that the heavy-clickers on social networking sites are probably of lower income, lower education, and more likely to meet new people through social networking sites.

Why is this a big deal? Well, there is a risk that SEM will not blossom into the industry it seems destined to become if users (especially users with disposable incomes) remain click shy. Sophisticated users won’t become true participants in online marketing until the world wide web loses its wild wild west qualities. Thus, increasing the integrity of the system is necessary to allow the industry to maximize its potential.

There have been some interesting and important decisions in 2007 regarding social networking sites and online advertising. Anti-spam legislation (Can-Spam anyone?) has been in place for several years, but it was unclear whether the courts would be willing to apply these laws to social networking sites. It was also unclear whether the courts would be willing to protect the ad revenue value proposition from seemingly innocuous, but parasitic businesses. Let’s take a look at how courts have been handling these cases.

MySpace.com vs. The Globe.com

For those of you who don’t follow lawsuits (and I can’t imagine why you wouldn’t), The Globe.com used phony MySpace accounts to send unsolicited commercial "MySpace e-messages" to MySpacers. The Globe.com allegedly went crazy nuts and sent over 400,000 messages from 95 dummy MySpace accounts. Realizing that it had to protect its value proposition and user experience, MySpace filed suit against The Globe, alleging violations of federal and state anti-spam laws and violations of its Terms of Service (hereafter sometimes referred to as “TOS”).

The Globe.com tried to win “on a technicality” by arguing that MySpace couldn’t claim violations of the anti-spam laws because MySpace isn’t an Internet Access Provider and “e-messages” aren’t the same thing as “electronic messages.” The honorable Judge Klausner didn’t buy these arguments, however. The Judge ruled that MySpace is an IAP and an e-message is the same thing as an electronic message. The Court also found that The Globe violated MySpace’s terms of service and that the damages provision requiring a penalty of $50.00 per forbidden message was reasonable. Thus, The Globe.com was ordered to pay $5.5 million in damages for abusing the social network to circulate spam. (Note: After the judge made this decision, the parties reached a private, agreed settlement of their disputes. I assume that The Globe.com threatened to appeal to a higher court unless MySpace agreed to take a lesser sum.)

If you want to read more about the Court’s reasoning and the laws involved (or if you battle insomnia), read Judge Klausner’s order at MySpace Inc. v. The Globe.com Inc., No. 06-3391 (C.D. Cal. Feb. 27, 2007).

Facebook.com vs. ConnectU.com

Facebook.com recently tried to stop a competitor, ConnectU.com, from harvesting email addresses from its website and other spammy tactics. The case is still pending, but Facebook has survived ConnectU.com’s initial attempts to get the case dismissed. Similar to the MySpace case above, ConnectU tried to argue that Facebook was not an Internet Access Provider and therefore couldn’t invoke the Federal anti-spam statute, Can-Spam. The Court disagreed and ruled that the case could proceed to trial because Facebook was allowed to invoke anti-spam statute to protect its social networking sites. The allegations that ConnectU.com breached Facebook’s Terms of Service were also allowed to proceed to trial. If you want to follow Facebook v. Connect U as it continues to develop, you can check out the docket here. Oh goody!

There are several take-away points to be harvested here. First, courts are willing to cast the anti-spam statute broadly to protect social network sites. Second, in order to protect your company against fraudsters and spammers, you should execute a top-notch Terms of Service or End User Agreements that include liquidated damages for unauthorized site usages. Essentially, you need a contract in place that clearly prohibits a site from being used by third parties for commercial purposes. Further, the contract should require the fraudster must pay at least $50.00 per unauthorized contact.

In the following two cases, courts have ruled in favor of a website’s ability to protect its ad-revenue business model from parasitic businesses.

Southwest Airlines v. Board First LLC (N.D. Tex 9/12/2007)

Board First LLC charged SW Airlines’ passengers $5.00 to log in for them and get an “A” boarding pass. The SW Airlines’ customers voluntarily permitted Board First to use their accounts to log in and perform this service on their behalf. Thus, this case is different from the social networking cases above because Board First’s purposes were not spammy, and were even permissive as far as the end user was concerned.

However, SW Airlines did not particularly care for the Board First business model because it prevented people from coming onto their website where they may have seen an ad for a rental car or hotel and clicked on it. Essentially, SW Airlines was able to demonstrate to the Judge that under the Terms of Service, no one but SW Airlines was permitted to use the site for commercial purposes and that it was entitled to insist that its users actually enter onto the site. After the Court ruled that Board First was required to stop conducting business for the duration of the case, BF simply gave up and ceded victory to SWA. Thus, the Courts were willing to apply Terms of Use agreements to prevent SWA from losing “valuable selling and advertising opportunities,” even when the users voluntarily relinquished their log in  and account information.

Ticketmaster v. RMG Technologies  (C.D. Cal. 10/16/2007)

Ticketmaster has very recently convinced a Court to protect its business model. RMG Technologies developed and employed a parasitic business model that allowed users to make thousands of automated ticket requests without the user having to visit the Ticketmaster website. RMG’s program gained access to hundreds of thousands of tickets by circumventing CAPTCHAs designed to keep automated systems from taking advantage of Ticketmaster’s platform.

Ticketmaster was successful in convincing the Court that RMG’s business violated its copyright. [Note: this is a slightly different strategy than employed above by the SNS, which relied on anti-spam statutes.] RMG’s servers contain cached Ticketmaster pages. These cached pages were unauthorized copies in violation of Ticketmaster’s copyright. Naturally, RMG cried fair use as a defense, but the court didn’t buy it. The Court said that RMG’s attorneys failed to argue anything about “The Four Factors” defining fair use (Doh! They forgot to ‘proof-up’ their argument!) and therefore could not win on that shell of an argument. Further, the Court stated that RMG violated Ticketmaster’s Terms of Service by using the Ticketmaster site for commercial purposes.

Finally, the court found that RMG violated Digital Millenium Copyright Act’s prohibition against circumventing digital rights software, such as CAPTCHA. Basically, this one was a slam dunk for Ticketmaster. If you want to read more about the case, I invite you to review the Court’s order regarding the temporary injunction.

These two cases should allay the fears of business owners who rely either wholly or in part on ad revenue. Courts are proving themselves willing to broadly interpret current laws and enforce Terms of Use in order to protect these business models. As we have seen above, this applies whether the defendant is a fraudster, a competitor, or a well-intentioned but misguided business person.

This week’s post is more about general trends in litigation and less about practical steps you can take in your business practices to reduce risk. I beg your indulgence as I take a moment to step back and look at how cyber law continues to evolve. I haven’t forgotten my promise to delve into some Trademark law.