Sunday, August 24, 2014

We All Own the Monkey's Selfie.


File:Macaca nigra self-portrait.jpg

A macaque monkey in Indonesia steals a photographer’s camera and then snaps a few selfies.  Really, that happened. (See picture left). 

(Source: Wikimedia Commons)


Sometime later, the photographer recovers his camera, publishes the selfies, and claims copyright ownership in the pictures.   Enter Wikipedia, which copies the pictures and makes them available through its free, worldwide image repository.  The photographer protests, claiming that Wikipedia is infringing his copyright in the pictures.  

So, has Wikipedia infringed the photographer’s copyright in the pictures?  Not at all, says the U.S. Copyright Office.  And I agree.

In a 1200+ page report issued by the Copyright Office this week, the U.S. government  brought the issue into focus (pun intended) by declaring that a work can be protected by copyright only if the work is the “fruits of intellectual labor” that “are founded in the creative powers of the mind.”  Moreover, the “mind” that does the "creating" must be a human mind; animal minds don’t count. To illustrate its position, the Copyright Office specifically cited a “photograph taken by a monkey” as an example of a work that could not be copyrighted.

(You can read the Copyright Office’s position yourself—it’s on page “Chapter 300: 8” of the report.)

So what happens to the pictures snapped by the monkey that were published by the photographer?  Answer: they are in the public domain, and can be distributed, for free, by Wikipedia.  And by you.  And by me.

This raises the question: how could the photographer have protected the pictures taken by the monkey?  

First, let’s separate this case from situations in which nature photographers purposely position cameras in certain outdoor locales.  Here, the camera was stolen by the monkey, and the pictures were the serendipitous result of the monkey’s actions.  The images were not the product of any degree of creative thought by the photographer.  Had the camera been purposely placed in a particular locale, the resulting images would have reflected the foresight and creativity of the photographer.  But that didn’t happen.  Instead, the monkey took control of the situation, and everything that occurred was the direct result of the monkey’s curiosity; the photographer had nothing to do with it.

Next, let’s remember the number one maxim of copyright law, namely, ownership vests in the author of the work.  (If you remember nothing else about Copyright Law, remember that.)  In this situation, who “authored” the work?  Answer: the monkey.  The photographer simply acquired the digital image from the camera.  He “authored” absolutely nothing.  So, under U.S. law, the monkey owns the work because the monkey authored the work.  

Now, you may be thinking, "The picture was taken outside of the U.S.--so that changes things, right?" No, in most cases, it doesn't.  Neither the U.S. nor any other country that is a member of the Berne Convention (which governs international copyright issues among its 167 members) allows animals to own copyrighted works.  So,  in this case, the monkey has no rights, and the selfies are in the public domain.

Back to my original question: what could the photographer have done to protect the pictures?  Well, he could have transformed the pictures into something other than the selfie authored by the monkey.  He could have enhanced the colors in an artistic manner, or applied filters to the picture to make the picture look like something other than the plain ol’ selfie snapped by the monkey.  In short, he could have--and should have--done something original to the photograph, in which case he would have owned the photograph as modified by his own creative efforts. 


Tuesday, June 24, 2014

Why The Washington Redskin's Trademark Was Cancelled: A Primer

Over the past few days I've received many emails and texts asking me whether I thought the USPTO's cancellation of the Washington Redskin's federal trademark was correct.  The answer is an easy, and obvious, yes--and it has nothing to do with the public backlash over the (ridiculous) use of a racial slur in the team's name.  Instead, it has everything to do with basic principles of trademark law.

Let's start by saying this: the name "Redskins" is regarded by Native Americans (and most educated non-Native Americans) as a derogatory term.  When you have a word or phrase that is regarded by most people as a derogatory term, then (surprise!!) it IS a derogatory term.  It's a slur, plain and simple.

"Redskins" is a slur, and it has been a slur for a very long time--including in 1972, the year in which the Washington Redskins were awarded their trademark.  For trademark purposes, the issue begins and ends right there.

Warning: legal lingo aheadFasten your seatbelts.


In the U.S., federal trademark law is covered under a statute called the Lanham Act.  One particular section of the Lanham Act (specifically, 15 U.S.C. § 1052(a)) says that you can't register a word or phrase as a trademark if the word or phrase, at the time of the registration, may disparage persons or "bring them into contempt or disrepute."  Put another way, you can't register a slur since a slur, by definition, disparages a group of people


Now, re-read the third paragraph of this blog entry.


Got it?  It's really a simple analysis.  Now you're as qualified to talk about the USPTO's cancellation of the Washington Redskin's trademark as any lawyer out there...you can even throw around words like "Lanham Act" and impress your friends--that is, if they get impressed by that sort of thing.


And if you're wondering if the Washington Redskins "lost" their trademark, here's another (simple) answer: they didn't


Warning: legal lingo aheadFasten your seatbelts again.


Under the Lanham Act, a trademark receives a particular type of protection (called "common law" protection) once it is used in interstate commerce.  A trademark owner does not need to register her trademark with the USPTO to enforce the trademark in court.  (Registration is highly recommended, but not absolutely necessary).


So, if a trademark can be protected through mere use, then why should someone ever bother to register a trademark with the USPTO?  That's a good question, but one which will have to wait for another time.  For now, dear reader, just understand this: the Washington Redskins can fully enforce their trademark under "common law", and they have lost no rights whatsoever in their name.  (Anyone who tells you something different is likely trying to sell you knock-off Washington Redskin products at cut-rate prices).


Now, go tell your friends that Washington Redskins still have "common law" trademark protection regardless of the fact that the Lanham Act required the USPTO to cancel the team's federal trademark.  If that doesn't impress them, then immediately tell them that you're a Jets fan (as I am).  That will distract them long enough for you to make your getaway....

Monday, June 9, 2014

Glad to Have Had MSPmentor in the House....

Thanks to Dan Kobialka at MSPmentor for the online review....

Check out his article here.

For those of you not in attendance at Automation Nation 2014, here's a little of what you missed (and what Dan saw).  Want to learn more?  Contact me.






Wednesday, March 20, 2013

Published Here Or Abroad? Regardless, It's All Good (Says the Supreme Court).

Today the Supreme Court handed down its decision in the case of Kirtsaeng v. John Wiley & Sons.  The case involves a college student who got sued by a book publisher because the student sold his foreign-made textbooks once he was done using them.  (Yes, you read that correctly. He was sued for selling textbooks that were published abroad, but which he used and sold in the U.S. once he was done with them.  Sound crazy?  Read on...)

Even if you're not into selling textbooks, you should be happy with the decision.  Really happy.  Like, celebratory-type happy.  Why?  Because the Kirtsaeng decision clarifies the fact that you're not breaking the law when you sell or buy certain foreign-made goods on sites such as eBay or Amazon. 

Here's the story:  Kirtsaeng, a citizen of Thailand, came to the U.S. to attend Cornell University (for undergrad), and the University of Southern California (for a Ph.D).  While in the U.S., he asked his friends and family back in Thailand to buy copies of foreign edition English language textbooks at Thai book shops--where they sold for low prices--and mail them to him in the U.S.  Once he was done with the books, Kirtsaeng sold the books, reimbursed his family and friends, and kept whatever profit remained from the sale.

Enter the book publisher, John Wiley & Sons.  Wiley was less than thrilled that Kirtsaeng was selling his foreign-made books, since it prevented Wiley from selling those same books (copies of which Wiley had published in the U.S.) for a higher price.  Wiley claimed that Kirtsaeng's importation of its books, and his subsequent resale of those books, amounted to an infringement of Wiley's exclusive right to distribute its books in the U.S.

Ok, let's pause for a moment to consider the law...and to keep score.

Under the Copyright Act, authors posses the exclusive right to control the distribution of their works.  (Score one for Wiley).  

There is, however, an exception to this exclusive right of distribution, called the "first sale rule."  The first sale rule carves out an exception to all three forms of intellectual property protection, (i.e.,  copyright, trademark and patent).  With regard to copyright law, the rule provides that a person who owns a lawfully made copy of a copyrighted work may “sell or otherwise dispose” of that copy without the authorization of the copyright owner.  (Score one for Kirtsaeng).

But wait, there's an exception to the exception...or is there?  (Stay with me now, because this is the crux of the case.)  

The Copyright Act says that the first sale rule applies only to works "lawfully made under this title."  But what does that mean?  

Wiley argued that the textbooks were made overseas, and were intended to be distributed overseas.  Wiley point was this: the books were not 'lawfully made' under the Copyright Act--they were 'made' under foreign law, so the first sale rule didn't apply, and it didn't protect Kirtsaeng.  (Hmmm.  An interesting point--and one with which many courts across the country agree.)

Kirtsaeng countered that the words "lawfully made" meant "legally made", i.e., the books needed to be authentic and not pirated.  Since the books were authentic and "legally made" (albeit overseas), Kirtsaeng argued that the first sale rule applied to his purchase and subsequent sale of the books, and protected him from claims of copyright infringement by Wiley.  

In a 6-3 decision, the Supreme Court agreed with Kirtsaeng and held that there is no geographic limitation on the first sale rule. Put another way: it doesn't matter if the item was made abroad and was intended to be sold abroad.  In fact, it doesn't matter where the item was made at all.  Under Kirtsaeng, when a purchaser buys an item, the first sale rule permits the purchaser to subsequently sell that item in the U.S. without the author's or manufacturer's permission.


So why should you care?  Well, let's think about that import disc that you want to sell on eBay.  Or that book you bought in Europe that you're selling on Amazon.com.  Or any item that may have originally been made and sold in Asia, but made its way to the U.S.  In the days before the Kirtsaeng decision, it wasn't clear whether you had the right to sell those items without first getting the original author's or manufacturer's approval.  Now, the Supreme Court has made it crystal clear that the first sale rule covers the transaction.

The decision is even more important for technology companies.  As Justice Breyer said, 

Technology companies tell us that automobiles, microwaves, calculators, mobile phones, tablets, and personal computers contain copyrightable software programs or packaging. ... Many of these items are made abroad with the American copyright holder’s permission and then sold and imported (with that permission) to the United States. ... A geographical interpretation would prevent the resale of, say, a car, without the permission of the holder of each copyright on each piece of copyrighted automobile software. Yet there is no reason to believe that foreign auto manufacturers regularly obtain this kind of permission from their software component suppliers... Without that permission a foreign car owner could not sell his or her used car.
Well said Mr. Justice, well said.  

Tuesday, November 13, 2012

Upsell By Clickwrap? The Second Circuit Says "Not So Fast..."

Have you ever purchased something from a website only to get bombarded at the checkout or payment screen with offers of other products or services?  That process, called "upselling", is a merchant's last ditch effort to get you to spend a few extra bucks before you close your browser. 
 
Sometimes upsells are easy to spot.  Other times, upsells are so intertwined in the checkout page that it's difficult to figure out where the terms of the original purchase end, and the upsold product begins. All too often, flashy and deceptive upsells trick unwary consumers into buying items that they didn't want, and don't need.

But a recent court ruling may help put an end to deceptive and confusing upsells.  In Schnabel v. Trilegiant Corp., the Second Circuit held that purchasers who unknowingly enrolled in an upsold "Great Fun" membership plan were not bound to an arbitration provision contained in the membership plan's "Terms & Conditions" agreement.  The case, which you can read here, clearly demonstrates how courts are loathe to enforce clickwrap agreements that are anything less than clear and conspicuous.

In Schnabel, the plaintiffs were invited to click on a hyperlink to receive "cash back" on purchases they had made at Priceline.com and Beckett.com--pretty standard stuff as far as upsells are concerned.  But the "Great Fun" membership was no ordinary upsell. In this particular case:
  1. The upsell did not indicate that the "cash back" offer involved merchants other than Priceline and Beckett.com;
  2. The upsell included terms (including an arbitration provision) that were emailed to the plaintiffs after they had already enrolled in the Great Fun membership plan; and,
  3. The membership cost $14.99/month, which was automatically charged to each plaintiff's credit card. Curiously, however, the plaintiffs never provided their credit card numbers to the membership plan.  (How can that be?  Answer: it's called 'post transaction marketing'.  It's also called 'data passing'.  More on that in a future blog entry...)
 
The court questioned whether, in light of the peculiar conditions involved in the Great Fun upsell, the plaintiffs ever gave their assent to enroll in the Great Fun membership plan.  The court focused on three factors: (i) the timing of the contract formation ("an offeree cannot actually assent to an offer unless the offeree knows of its existence"), (ii) notice ("A]n offeree, regardless of apparent manifestation of his consent, is not bound by inconspicuous contractual provisions of which he is unaware, contained in a document whose contractual nature is not obvious"), and, (iii) manifest or implied assent ("silence constitutes assent only in particular circumstances, such as where there is a duty to respond or where there is a contemporaneous oral agreement").
 
  After considering the relevant factors, the court held that 
[t]he plaintiffs were never put on inquiry notice of the arbitration provision, and their continued credit-card payments, which were auto-debited from their credit cards, were too passive for any reasonable fact finder to conclude that they manifested a subjective understanding of the existence of the arbitration and other emailed provisions and an intent to be bound by them in exchange for the continued benefits Great Fun offered.
If there's a lesson to be learned here, it's this: clickwrap agreements are alive and well--and generally enforceable--unless they are too complex, confusing or generally unfair, in which case they won't be enforced. 

Friday, September 7, 2012

Clickwrap / Browsewrap Agreements: It’s the Notice, Stupid!


If your company sells stuff online, it likely relies on a Terms of Use link to bind its customers to a purchase agreement, or requires its customers to click through a Terms of Use agreement before a sale can be consummated.

But is that enough?   A recent case out of NY says, maybe not.

In Nguyen v. Barnes & Noble, Inc., the plaintiff purchased two 16 GB HP TouchPad Tablets for $101.95 through Barnes & Noble’s website.  A short time later he received an email from Barnes & Noble confirming his order.  All seemed well until the next day when the plaintiff received another email from Barnes & Noble canceling his order, stating that his order would “not be shipped for the advertised price.”

As a result, the plaintiff “was unable to obtain an HP Tablet during the liquidation period for the discounted price, “and he was “forced to rely on substitute tablet technology, which he purchased . . . [at] considerable expense.”  (Yes, I know…that’s a peculiar basis for a lawsuit.  And yes, I know, he might have been able to get “substitute tablet technology” from eBay or a hundred other places at a discounted price.   And yes, I know, HP’s “tablet technology” might have been unsuitable for his needs—remember, HP discontinued those tablets due to poor sales.  But the merit of the plaintiff’s lawsuit isn’t as important as what happened next….so let’s move on.)

Barnes & Noble moved to dismiss the lawsuit and to compel arbitration, citing its website’s “Terms of Use” document that required arbitration for all claims arising from purchases made through the website.  The plaintiff countered by arguing that he didn’t agree to arbitrate his claims because the website didn’t require him to click through or affirmatively assent to the website’s Terms of Use.  (In fact, this was true: the Terms of Use hyperlink was located on the bottom left corner of each webpage, and it wasn’t necessary for a visitor to click on the Terms of Use hyperlink in order to buy something through the website.)  The plaintiff further argued that the Terms of Use were inapplicable since (i) he never clicked on the Terms of Use hyperlink, and (ii) he never actually read the Terms of Use before making his purchase. 

The court agreed with the plaintiff, and refused to dismiss the case against Barnes & Noble.  This was a predictable (and in my opinion, correct) result.  See, if you follow these types of clickwrap/browsewrap cases, then you know that these cases are rarely decided on whether a person had to click an “I Agree” button or follow a Terms of Use hyperlink.  Instead, the key to these cases is simply whether the person had reasonable notice of the terms imposed by the seller.  (Now the title of this blog article makes sense, right?)

There’s no bright line rule governing when and how “reasonable notice” is provided at a seller’s website.  But here’s my informal, not-legal-advice-but-for-educational-purposes-only list that might help you determine whether notice is “reasonable”:

Likely sufficient:
  • The buyer has to affirmatively click “I Agree”.
  • The buyer has to click a checkbox indicating his/her assent to the website’s terms.
  • The Terms of Use hyperlink is clear and conspicuous and located in the upper portion of the seller’s website.
  • The buyer is a regular visitor to the seller’s website, and is familiar with the Terms of Use of the seller’s website.

Likely insufficient:
  • The Terms of Use are provided after the sale is completed.
  • The Terms of Use are buried on the bottom of the seller’s website, and/or are displayed in a small font that could be overlooked easily by customers.
  • The color scheme used to create the Terms of Use hyperlink makes the hyperlink difficult to distinguish from the surrounding background material.  


Wednesday, August 29, 2012

Guidelines Prodding Companies to Disclose Cyberattacks? Not Likely.

Last October, the SEC issued guidelines to companies about when they should notify their shareholders about incidents involving cyberattacks.  The guidelines were--and still are--voluntary, so public companies are still free to keep cyberattack incidents out of earshot of their shareholders.   I'm not sure if that's a good thing or not--reasonable people can disagree on the issue.  But I feel pretty confident about one thing: companies are not revealing incidents involving cyberattacks because they feel legally or ethically compelled to do so.

Since issuing the guidelines, the SEC "nudged" Amazon.com to be more forthcoming about the cyberattack incident in which its subsidiary, Zappos.com, was targeted.  In April, Amazon provided certain additional references about the attack in its annual report, but nonetheless argued that the disclosure was not required under SEC rules.  (By the way, I agree with Amazon's position.  Unless the incident materially impacts the business, disclosure isn't generally required under SEC rules.)

Both Verisign and LinkedIn made public announcements about cyberattacks on their systems, but it was unclear whether those announcements were motivated by the SEC's guidelines, or by the desire to maintain damage control using the press.

So what's happening here? Are companies being more forthright about cyberattacks because they have to be?  Some pundits think so--check out the article in today's Bloomberg News.  

But I disagree.  Companies are not disclosing cyberattacks because they feel like they have to do so.  If they felt legally compelled to make such disclosures, we'd be bombarded with stories about cyberattacks on a daily basis.  

So which cyberattacks do we hear about?  How does a company make the decision to release information about a cyberattack?

First, there's the easy answer: if the security or integrity of customer data was compromised, then companies will notify the public of the cyberattack in accordance with applicable state and federal laws.  (That situation is the legal equivalent of a ground ball to first base: it's an easy out.)

But what about cases in which the attack does NOT result in customer data becoming compromised?  Do we hear about those cases?  Those are far more intriguing cases, and usually involve internal conversations in the impacted companies that go like this:
Company: "We've had a security breach."
Company's Attorney: "No way!  Really?  Wow.  What happened?" 
Company: "We're still looking into what happened, but we know all our data is safe.  It's encrypted.  Even if they saw it, they can't open it or read it." 
Company's Attorney: "That's a good thing.  So no one's information was compromised?" 
Company: "No, whoever did this won't be able to decrypt it.  But tell me, do we have to tell anyone about this?" 
Company's Attorney: "Hmmm...since the data was encrypted, I don't think we need to say a word about it.  But who else knows about this?" 
Company: "More people than we had hoped.  It's going to get leaked to people outside the company.  It probably already has." 
Company's Attorney: "Ok, then let's do damage control so no one gets the wrong idea about what happened.  Issue a press release stating that the company was attacked, that such attacks are becoming commonplace, that such attacks are a reality in today's online world, and that the company's security precautions successfully withstood the attack.  Within a few days, no one will care about the incident."


The bottom line is this: until the law requires disclosure, we shouldn't expect companies to voluntarily discuss the fact that they were targeted by hackers.  If an incident does get reported (especially incidents in which no customer data was compromised), it's likely the result of a company exercising damage control, as opposed to the company feeling legally compelled to discuss the matter with its shareholders.