E-Commerce Law Week, Issue 339

Not So Fast, Mon Ami -- Yahoo! v. LICRA to get Rehearing
In the international legal tennis game over France's assertion of criminal jurisdiction over Yahoo! servers in California, the ball has been whacked smartly back into U.S. court. Faced with a criminal action in French court arising out of Nazi-related paraphernalia on its website, Yahoo! got a declaratory judgment from a California District Court saying that a French judgment that violated the First Amendment would be unenforceable in the U.S. Last year, that decision was reversed on appeal , on a fairly technical ground. A split panel of the Ninth Circuit held, somewhat ironically, that there was insufficient basis for U.S. courts to exercise jurisdiction over the French defendants. On February 10, the Ninth Circuit granted Yahoo!'s request for rehearing en banc. While briefing and argument will take some time, the final decision will have signficant consequences.

A Pre-Season Spyware Legislation Round-up
There's only one thing more thrilling than the snowy, gridiron trenches of the NFL playoffs -- spyware legislation. Okay, maybe not. But with the Super Bowl now over, it's time to shift the spotlight to the next big sports season: the nationwide effort to criminalize spyware. And there are some pre-season developments to report.

At the federal level, action in the House of Representatives on Rep. Mary Bono's (R-CA) Securely Protect Yourself Against Cyber Trespass Act, or "SPY ACT" ( H.R. 29 ) looks imminent. The House had resoundingly passed this bill (then numbered H.R. 2929 ) last October by a vote of 399 to 1, but time ran out in the Congressional session before the Senate could do the same. A federal bill could arrive none too soon though, because as of February 8, 15 state legislatures either have enacted or introduced anti-spyware legislation. The state bills generally resemble H.R. 29, but several may be more troublesome for legitimate programs that might be mistaken for spyware. California's S.B. 1436 (passed last September and effective as of January 1, 2005) and legislation pending in Washington and Maryland grant state residents a private right of action to sue violators. In addition, a number of other state bills do not contain H.R. 29's specific exemption for cookies. While the latter set of state bills may define "software" narrowly enough to exempt standard-issue cookies, there is also a danger that they could be construed to restrict use of active data-mining technologies (e.g., pop-up ads that gather information) without prior notice to users.

FCC Publishes List of Off-Limits Wireless Device Domain Names Under Spam Rule
On February 7, the Federal Communications Commission (FCC) published on its website a list of Internet domain names that are associated with wireless service subscribers. Senders have 30 days in which they must stop sending or figure out how to prevent their systems from sending commercial messages to individuals at addresses that include any of the published domain names, unless the individual has given the sender prior, express authorization. The list of domains was published in accordance with the FCC's August 2004 rule implementing the CAN-SPAM Act's prohibition on sending commercial email to wireless devices. The FCC's rule explicitly does not apply to forwarded messages, however.

US and Canada Airline Data Deals With Europe Face Differing Flight Conditions
In the past year, the European Commission (EC) has approved agreements with both the United States (in May 2004) and Canada (in January 2005) on disclosure by European airlines of information on their passengers to law enforcement authorities in the two countries. But while the recent Canadian deal has experienced a relatively smooth flight, the US agreement has already seen severe turbulence and could be flying in turbulence for years.

The EU Article 29 Data Protection Working Party (Working Party) endorsed the agreement between the EC and the Canada Border Services Agency in a January 19 opinion. By contrast, however, the Working Party did not explicitly support the agreement between the EC and the US Department of Homeland Security (DHS) and instead issued guidance on information to be given to passengers regarding the agreement. Meanwhile, the European Parliament has sued the EC to block implementation of the EC-DHS deal.

Questions and comments about E-Commerce Law Week are always welcome. Please send your feedback to Sally Albertazzie.