E-Commerce Law Week, Issue 430

Courts Continue to Expand Employee Liability for Misuse of Company Computers

For companies, few things sting worse than an employee's betrayal -- especially when the employee uses company computers to pilfer data or establish competing ventures. As we have previously reported, the Seventh Circuit (in International Airport Centers, L.L.C. v. Citrin) and some district courts have ruled that such employees can be held liable under the Computer Fraud and Abuse Act (CFAA) on the theory that they acted "without authorization" in accessing company computers when they committed their misdeeds. In a ruling last month in Forge Industrial Staffing, Inc. v. De La Fuente, a federal district court in Illinois seemed to expand this approach even further, suggesting that activities as seemingly commonplace as using a computer to access pornography in violation of company policy or to download unauthorized software might be sufficient to make subsequent access unauthorized. If adopted by other courts, this approach could make the CFAA a more powerful tool in companies' disputes with unfaithful employees.

Court Clarifies Standard for Identifying Online Posters Of Damaging Content

Although several courts have recently found that plaintiffs must meet a heightened evidentiary standard when attempting to unmask John Doe defendants, exactly what evidence might be sufficient to meet these standards has remained unclear. As we reported previously, in Best Western International, Inc. v. John Doe, et al., a federal court in Arizona ruled in July that before requiring ISPs to disclose information identifying anonymous (or pseudonymous) posters of allegedly defamatory messages, a plaintiff must present evidence sufficient to establish a prima facie case of actionable harm capable of surviving a motion for summary judgment. (This ruling followed the Delaware Supreme Court's reasoning in Doe v. Cahill.) Because BWI's complaint did not provide factual support for its claim that the defendants "engaged in wrongful conduct not protected by the First Amendment," the court denied BWI's first motion for expedited discovery. But last month, the court granted BWI's renewed discovery motion, finding that BWI's evidence that the John Does had breached contracts and thereby caused it injury was sufficient to establish a prima facie case. This ruling thus begins to clarify -- both for ISPs and for businesses worried about online defamation or the theft or leaking of confidential information -- when and how plaintiffs can require ISPs to identify someone who has posted defamatory or confidential information on the Internet.

FTC Draws Settlement From Adware Operator

With Congress having yet to enact legislation to specifically address spyware and adware, the Federal Trade Commission has again shown its willingness to get out in front of lawmakers by wielding its broad statutory authority to go after "unfair or deceptive ... practices" that affect computer users' security and privacy. The Commission announced on November 3 that alleged adware distributor Zango, Inc. and two of its principals had agreed to settle charges that they violated the FTC Act by failing to "adequately disclose" that their adware was bundled with other software and unfairly installing "adware that could not be reasonably identified, located, or removed." Under the agreement, the respondents admit no wrongdoing but are required to pay $3 million to the FTC and make several changes to their business practices.

FCC Classifies Broadband Internet Access Over Power Line as "Information Service"

As widely expected, on November 3, the Federal Communications Commission declared Broadband over Power Line (BPL) Internet access service to be a largely unregulated "information service" under the Communications Act of 1934, and not a "telecommunications service" subject to common carrier regulation. The FCC' s decision is in line with the Commission's goal of developing a consistent regulatory framework across broadband platforms by regulating like services in a similar manner. The FCC has previously declared cable modem and wireline broadband services (e.g., DSL) to be "information services." As a matter of policy, the FCC's decision to subject BPL-enabled Internet access services to the same regulatory framework as cable modem and DSL services is eminently defensible. However, as we have previously pointed out, the FCC's tortured interpretations of the terms "information service" and "telecommunications service" in the Communications Act and the Communications Assistance for Law Enforcement Act have left much to be desired.

Questions and comments about E-Commerce Law Week are always welcome. Please send your feedback to Sally Albertazzie.