E-Commerce Law Week, Issue 341

French Court Says "Non!" To Google’s Keyword-Based Ad Program
On February 5, in Louis Vuitton Malletier (LVMH) v. Societe Google, Inc., the Paris High Court found that Google's policy of using third-party trademarks as a trigger for the publication of targeted advertisements violated the French Intellectual Property Code. In particular, the court held that Google’s keyword-based advertising infringed on LVMH’s trademarks, facilitated unfair competition, and falsely advertised potentially counterfeit products sold by unlicensed rivals. The court ordered Google to stop displaying advertisements for LVMH's rivals when users perform web searches that include terms like "Louis Vuitton" and "LV" which are trademarked by LVMH. The court also ordered US-based Google and its French subsidiary, Google France, to pay €208,000 ($267,982) in damages and court costs.

After ChoicePoint -- A Data Security Liability Deluge?
The recent ChoicePoint security breach scandal could kick off a flood of computer security litigation. And as they try to protect consumers against identity theft, federal and state legislators are tripping over each other in the rush to be the toughest critic of corporate America's data security practices. Businesses that own or license computer data and personal information will want to pay close attention.

On February 18, a California resident filed a class action complaint against ChoicePoint in the Los Angeles Superior Court. In Goldberg v. ChoicePoint Inc. and Does 1-100, the plaintiff alleges unfair business practices in violation of California’s Business and Professions Code, as well as fraud and negligent misrepresentation. It doesn't take a crystal ball to predict that this lawsuit won't be the last computer security lawsuit this year.

Meanwhile, on February 23, an Illinois State Senator introduced S.B. 1479, the "Identity Theft Notification Act." The bill closely resembles California’s Security Breach Notification law (S.B. 1386), which requires government agencies and businesses that own or license computerized data containing personal information to disclose certain security breaches involving specific types of unencrypted personal information. Legislators in Georgia, New York, Rhode Island, and Texas have also called for security breach legislation. At the federal level, Sen. Dianne Feinstein (D-CA) has once again introduced similar legislation (S. 115), and House Energy and Commerce Committee Chairman Joe Barton (R-TX) has directed his staff to examine current security measures for digital data storage, with the aim of finding "methods, legislative or otherwise, by which data security can be strengthened."

European Authorities Favor Centralized Rules for Telecom Data Retention
The EU debate over a proposal for the mandatory retention of electronic communications data recently encountered its latest difficulties in a legal debate that echoes the US struggles between federal and state regulation. EU data retention rules were initially proposed in April 2004 by the UK, Ireland, Sweden and France, as a Framework Decision by the EU Council of Ministers requiring individual EU Member States to adopt rules on data retention in their country. The proposal was for the Council to adopt the Framework Decision under its "justice and home affairs" authority -- the so-called "third pillar" of the European Union, under which EU Member States retain broad sovereign authority.

But now, to the apparent benefit of ISPs, according to a February 14 letter from Dutch Minister of Justice Piet Hein Donner to the Dutch Parliament, the European Commission and European Parliament are taking the position that data retention must be addressed, at least in part, in a centralized manner as part of the European Community single market framework (known as the "first pillar" of the EU). This position supports that of a "Working Document" of the EP Committee on Civil Liberties, Justice and Home Affairs (LIBE). The LIBE Working Document suggested that the Framework Decision be "split into two documents" -- sections of the Framework Decision relevant to judicial cooperation would be handled under the third pillar, and the sections relevant to the EU internal market would be handled under the first pillar.

Questions and comments about E-Commerce Law Week are always welcome.  Please send your feedback to Sally Albertazzie.